urlscan.io logo urlscan.io
SecurityTrails logo

newsyou.info Open in urlscan Pro
185.248.101.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Submission: On March 04 via manual from HU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 137 IPs in 15 countries across 150 domains to perform 762 HTTP transactions. The main IP is 185.248.101.21, located in Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is newsyou.info.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 23rd 2021. Valid for: a year.
This is the only time newsyou.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
74 185.248.101.21 44812 (IPSERVER-...)
22 2a00:1450:400... 15169 (GOOGLE)
1 95.217.92.172 24940 (HETZNER-AS)
4 85.192.12.170 12695 (DINET-AS)
8 62.76.25.28 61400 (NETRACK-AS)
18 82.192.82.4 ()
4 2a00:1450:400... 15169 (GOOGLE)
4 34 104.19.135.78 13335 (CLOUDFLAR...)
9 93.95.100.117 48347 (MTW-AS)
19 147.135.189.55 16276 (OVH)
2 5 136.243.84.74 24940 (HETZNER-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 85.192.12.174 12695 (DINET-AS)
27 51.83.217.75 16276 (OVH)
4 143.204.90.82 16509 (AMAZON-02)
2 15 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a0c:5c81:514... 55081 (24SHELLS)
13 2a00:1450:400... 15169 (GOOGLE)
17 142.250.186.34 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 3 193.106.93.124 48614 (ITSOFT-AS)
2 85.192.12.173 12695 (DINET-AS)
13 185.148.37.79 48347 (MTW-AS)
2 3 88.212.201.198 39134 (UNITEDNET)
1 1 91.198.36.16 43405 (DIGITAL-V...)
1 91.198.36.78 43405 (DIGITAL-V...)
1 6 2a02:6b8::1:119 13238 (YANDEX)
2 193.200.65.18 6681 (GIVEME-CLOUD)
7 2a03:90c0:41:... 199524 (GCORE)
1 9 23.37.42.132 16625 (AKAMAI-AS)
7 10 34.252.253.152 16509 (AMAZON-02)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
17 17 52.57.230.211 16509 (AMAZON-02)
1 88.214.205.108 46636 (NATCOWEB)
4 4 18.193.144.52 ()
19 33 142.250.185.98 15169 (GOOGLE)
1 104.19.216.61 13335 (CLOUDFLAR...)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
8 3.81.198.99 14618 (AMAZON-AES)
3 3 83.222.114.187 42632 (MNOGOBYTE...)
1 1 2a02:6b8::90 13238 (YANDEX)
2 2 89.108.120.68 197695 (AS-REG)
2 3 185.15.175.145 43226 (SAFEDATA ...)
2 7 88.99.149.88 24940 (HETZNER-AS)
2 2 138.201.139.144 24940 (HETZNER-AS)
1 1 95.217.193.26 24940 (HETZNER-AS)
2 94.23.153.171 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
51 2a00:1450:400... 15169 (GOOGLE)
18 93.95.99.151 48347 (MTW-AS)
4 4 195.201.243.72 24940 (HETZNER-AS)
1 1 116.202.49.95 24940 (HETZNER-AS)
7 93.95.102.105 48347 (MTW-AS)
5 37.18.16.21 205675 (HYBRID-AS)
2 2 195.209.108.36 52007 (ADRIVER-AS)
3 3 188.42.191.196 7979 (SERVERS-COM)
2 4 31.220.27.134 39572 (ADVANCEDH...)
3 185.29.133.223 30419 (MEDIAMATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 193.200.65.5 6681 (GIVEME-CLOUD)
2 34.120.139.69 15169 (GOOGLE)
1 3 193.232.148.160 48061 (UMA-TECH-AS)
3 3 146.0.227.110 20773 (GODADDY)
2 193.200.65.6 6681 (GIVEME-CLOUD)
1 6 88.99.219.174 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
2 195.161.16.136 8342 (RTCOMM-AS)
13 95.163.155.38 12695 (DINET-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 69.173.144.165 26667 (RUBICONPR...)
1 18.208.241.4 14618 (AMAZON-AES)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
4 5 2620:116:800d... 16509 (AMAZON-02)
3 3 52.35.2.64 16509 (AMAZON-02)
4 5 35.186.253.211 15169 (GOOGLE)
4 7 185.64.189.115 62713 (AS-PUBMATIC)
6 17 184.30.20.241 16625 (AKAMAI-AS)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 185.86.138.121 201081 (SMARTADSE...)
3 69.173.144.140 26667 (RUBICONPR...)
4 28 35.244.159.8 15169 (GOOGLE)
7 18 185.33.220.240 29990 (ASN-APPNEX)
12 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 188.138.57.20 8972 (GD-EMEA-D...)
1 1 52.28.108.245 16509 (AMAZON-02)
2 3 34.120.207.148 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
3 52.218.108.147 16509 (AMAZON-02)
3 151.101.13.108 54113 (FASTLY)
6 184.30.20.198 16625 (AKAMAI-AS)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
12 68.232.35.16 15133 (EDGECAST)
4 4 185.29.135.234 30419 (MEDIAMATH...)
5 6 37.157.3.29 198622 (ADFORM)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.168 1299 (TELIANET ...)
2 26 185.64.190.80 62713 (AS-PUBMATIC)
10 10 52.214.70.9 16509 (AMAZON-02)
2 41 185.86.137.133 201081 (SMARTADSE...)
4 4 198.148.27.139 19189 (PULSEPOINT)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
3 3 87.98.228.78 16276 (OVH)
3 5 213.19.147.150 26120 (RHYTHMONE)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
5 6 199.232.137.44 54113 (FASTLY)
5 5 18.185.192.106 16509 (AMAZON-02)
3 4 35.227.248.159 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
2 3 159.253.128.183 36351 (SOFTLAYER)
3 5 3.126.56.137 16509 (AMAZON-02)
2 185.64.189.114 62713 (AS-PUBMATIC)
4 2a00:1288:110... 34010 (YAHOO-IRD)
2 6 2001:678:cb4:... 56396 (TURN)
1 1 34.192.210.97 14618 (AMAZON-AES)
6 8 151.101.114.49 54113 (FASTLY)
5 5 66.155.71.150 13768 (COGECO-PEER1)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
5 6 185.33.220.241 29990 (ASN-APPNEX)
1 1 52.30.76.93 16509 (AMAZON-02)
2 2 18.158.93.70 16509 (AMAZON-02)
4 4 185.183.112.155 60350 (VP)
3 51.178.20.139 16276 (OVH)
6 6 2a05:d018:24:... 16509 (AMAZON-02)
8 10 51.77.188.223 16276 (OVH)
10 12 51.89.20.86 16276 (OVH)
2 2 64.202.112.191 22075 (AS-OUTBRAIN)
2 2 185.255.84.152 200271 (IGUANE-)
2 2 116.202.161.117 24940 (HETZNER-AS)
2 88.214.206.247 46636 (NATCOWEB)
2 143.204.90.40 16509 (AMAZON-02)
1 18.185.187.62 16509 (AMAZON-02)
3 3 51.210.112.236 16276 (OVH)
2 2 52.48.248.240 16509 (AMAZON-02)
1 34.96.105.8 15169 (GOOGLE)
1 2 52.95.116.38 16509 (AMAZON-02)
2 2 3.232.11.255 14618 (AMAZON-AES)
1 3.123.45.2 16509 (AMAZON-02)
1 2 54.239.17.112 16509 (AMAZON-02)
1 1 52.17.96.80 16509 (AMAZON-02)
1 1 54.82.140.85 14618 (AMAZON-AES)
1 1 54.197.138.233 14618 (AMAZON-AES)
2 2 52.50.99.220 16509 (AMAZON-02)
1 2 46.228.164.13 56396 (TURN)
2 2 104.111.238.139 16625 (AKAMAI-AS)
1 104.16.91.60 13335 (CLOUDFLAR...)
1 52.212.223.152 16509 (AMAZON-02)
2 46.228.164.11 56396 (TURN)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2.18.234.233 16625 (AKAMAI-AS)
4 5 35.156.153.71 16509 (AMAZON-02)
2 4 216.52.2.48 29791 (VOXEL-DOT...)
1 154.57.158.51 26558 (FREEWHEEL)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2 104.129.168.238 40244 (TURNKEY-I...)
1 2 35.186.212.60 15169 (GOOGLE)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 104.111.218.85 16625 (AKAMAI-AS)
2 104.111.242.245 16625 (AKAMAI-AS)
1 52.4.51.239 14618 (AMAZON-AES)
2 2 54.84.103.220 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
2 184.30.24.22 16625 (AKAMAI-AS)
1 54.175.102.177 14618 (AMAZON-AES)
1 3.220.82.225 14618 (AMAZON-AES)
2 185.64.190.81 62713 (AS-PUBMATIC)
762 137
74    185.248.101.21 (Russian Federation)

ASN44812 (IPSERVER-RU-NET Fiord, RU)
newsyou.info
22    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    95.217.92.172 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.172.92.217.95.clients.your-server.de
newsyou-info.psh.one
4    85.192.12.170 (Russian Federation)

ASN12695 (DINET-AS, RU)
ybej5ohp0x.ru
8    62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
mhjcpn.com
dkrbus.com
18    82.192.82.4 (Netherlands)

ASN- ()
PTR: lw2070.ua-hosting.company
jsn.24smi.net
data.24smi.net
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
34    104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
c.mgid.com
9    93.95.100.117 (Podolsk, Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
news.2xclick.ru
news.gnezdo.ru
19    147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
5    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
recreativ.ru
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)
pwrlkyotm.com
27    51.83.217.75 (Warsaw, Poland)

ASN16276 (OVH, FR)
a4p.adpartner.pro
4    143.204.90.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-82.fra50.r.cloudfront.net
theroswaf.com
15    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
adservice.google.nl
13    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtcontent.com
ghb.adtelligent.com
13    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
17    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.nl
10    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    193.106.93.124 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
2    85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)
dmpprof.com
13    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
fcgi5.gnezdo.ru
fcgi5.2xclick.ru
3    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
1    91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
r.i.ua
1    91.198.36.78 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
i.i.ua
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    193.200.65.18 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
utarget.ru
7    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
9    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
10    34.252.253.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-253-152.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
ams.creativecdn.com
17    52.57.230.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    88.214.205.108 (United Kingdom)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
4    18.193.144.52 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-18-193-144-52.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
33    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
2    2a02:26f0:7100:184::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
8    3.81.198.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
3    83.222.114.187 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
1    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
x01.aidata.io
3    185.15.175.145 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
7    88.99.149.88 (Germany)

ASN24940 (HETZNER-AS, DE)
sync.1dmp.io
2    138.201.139.144 (Germany)

ASN24940 (HETZNER-AS, DE)
cm.p.altergeo.ru
1    95.217.193.26 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.193.217.95.clients.your-server.de
front.redllama.ru
2    94.23.153.171 (London, United Kingdom)

ASN16276 (OVH, FR)
mixadvert.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3a6abf2073eefe788fd8f678a351018c.safeframe.googlesyndication.com
51    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
18    93.95.99.151 (Russian Federation)

ASN48347 (MTW-AS, RU)
zn2.2xclick.ru
zn2.gnezdo.ru
4    195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info
www.acint.net
acint.net
1    116.202.49.95 (Germany)

ASN24940 (HETZNER-AS, DE)
ssp-rtb.sape.ru
7    93.95.102.105 (Podolsk, Russian Federation)

ASN48347 (MTW-AS, RU)
fcgi4.gnezdo.ru
5    37.18.16.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    195.209.108.36 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
3    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
3    185.29.133.223 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
t.trafmag.com
2    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dsp-trk.eskimi.com
3    193.232.148.160 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
px.adhigh.net
3    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
6    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
hal9000.redintelligence.net
hal900029.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    195.161.16.136 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
cdn.directadvert.ru
13    95.163.155.38 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)
vyd5aaalwd.ru
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f948bd9696d8d612fa1fb46b776024a4.safeframe.googlesyndication.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    18.208.241.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
3    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
5    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
3    52.35.2.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
e.dlx.addthis.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
7    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
17    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2a05:d01c:1d8:8101:f6ab:342:7837:ce6e (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
3    2606:4700:10::6816:3785 (United States)

ASN13335 (CLOUDFLARENET, US)
img.servestatic.net
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
28    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
adpone-d.openx.net
eu-u.openx.net
us-u.openx.net
18    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
12    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
6    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    188.138.57.20 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
cdn.contentspread.net
1    52.28.108.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
3    34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
idsync.rlcdn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
3    52.218.108.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
s3-eu-west-1.amazonaws.com
3    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
12    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ec-ns.sascdn.com
4    185.29.135.234 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.168 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
26    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
10    52.214.70.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
41    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    87.98.228.78 (Spain)

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu
green.erne.co
5    213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
5    18.185.192.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-192-106.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
3    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
3    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
6    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
presentation-ams1.turn.com
1    34.192.210.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-210-97.compute-1.amazonaws.com
sync.srv.stackadapt.com
8    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
openx2-match.dotomi.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
6    185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
1    52.30.76.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
2    18.158.93.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
4    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    51.178.20.139 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
6    2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
10    51.77.188.223 (France)

ASN16276 (OVH, FR)
PTR: ip223.ip-51-77-188.eu
cookie-matching.mediarithmics.com
12    51.89.20.86 (London, United Kingdom)

ASN16276 (OVH, FR)
id5-sync.com
2    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    185.255.84.152 (Paris, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    116.202.161.117 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
2    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    143.204.90.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-40.fra50.r.cloudfront.net
s.ad.smaato.net
1    18.185.187.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.justpremium.com
3    51.210.112.236 (France)

ASN16276 (OVH, FR)
pixel.onaudience.com
2    52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr.blismedia.com
2    52.95.116.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    3.232.11.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    3.123.45.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
j.mrpdata.net
2    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.17.96.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    54.82.140.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
1    54.197.138.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
2    52.50.99.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
2    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
2    104.111.238.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    104.16.91.60 (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    52.212.223.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
synchroscript.deliveryengine.adswizz.com
2    46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)
r.turn.com
1    2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
amobee-partners.tremorhub.com
1    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-153-71.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)
PTR: amsadvip2.fwmrm.net
dsp.v.fwmrm.net
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    104.129.168.238 (United States)

ASN40244 (TURNKEY-INTERNET, US)
PTR: 104-129-168-238.static.as40244.net
sync.alphonso.tv
2    35.186.212.60 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com
tag.yieldoptimizer.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com
ad.yieldlab.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    52.4.51.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
2    54.84.103.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.liadm.com
1    2600:1f18:444a:4602:a911:dd8a:407b:f40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    54.175.102.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
bpi.rtactivate.com
1    3.220.82.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
74 newsyou.info
newsyou.info
16 MB
62 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
357 KB
62 googlesyndication.com
pagead2.googlesyndication.com
3a6abf2073eefe788fd8f678a351018c.safeframe.googlesyndication.com
tpc.googlesyndication.com
f948bd9696d8d612fa1fb46b776024a4.safeframe.googlesyndication.com
561 KB
47 smartadserver.com
prg.smartadserver.com
csync.smartadserver.com
rtb-csync.smartadserver.com
27 KB
47 pubmatic.com
image6.pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
116 KB
41 mgid.com
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
video-native.mgid.com
c.mgid.com
476 KB
33 openx.net
rtb.openx.net
adpone-d.openx.net
eu-u.openx.net
us-u.openx.net
9 KB
28 gnezdo.ru
news.gnezdo.ru
fcgi5.gnezdo.ru
fcgi4.gnezdo.ru
zn2.gnezdo.ru
114 KB
27 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
71 KB
27 adpartner.pro
a4p.adpartner.pro
59 KB
25 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
2 MB
21 mixadvert.com
m.mixadvert.com
mixadvert.com
181 KB
19 2xclick.ru
news.2xclick.ru
zn2.2xclick.ru
fcgi5.2xclick.ru
217 KB
18 24smi.net
jsn.24smi.net
data.24smi.net
50 KB
17 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
20 KB
17 bidswitch.net
x.bidswitch.net
6 KB
16 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
fastlane.rubiconproject.com
47 KB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
198 KB
13 vyd5aaalwd.ru
vyd5aaalwd.ru
183 KB
13 ampproject.org
cdn.ampproject.org
236 KB
12 id5-sync.com
id5-sync.com
15 KB
12 sascdn.com
ec-ns.sascdn.com
39 KB
12 google.com
adservice.google.com
www.google.com
2 KB
11 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
106 KB
10 mediarithmics.com
cookie-matching.mediarithmics.com
4 KB
10 turn.com
ad.turn.com
presentation-ams1.turn.com
d.turn.com
r.turn.com
8 KB
10 bidr.io
match.prod.bidr.io
4 KB
10 adsrvr.org
match.adsrvr.org
4 KB
9 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
6 KB
8 everesttech.net
sync-tm.everesttech.net
2 KB
8 mathtag.com
tags.mathtag.com
pixel.mathtag.com
sync.mathtag.com
5 KB
7 dkrbus.com
dkrbus.com
160 KB
7 1dmp.io
sync.1dmp.io
3 KB
7 yandex.ru
mc.yandex.ru
an.yandex.ru
68 KB
7 googletagservices.com
www.googletagservices.com
217 KB
6 tidaltv.com
sync.tidaltv.com
2 KB
6 taboola.com
trc.taboola.com
match.taboola.com
1 KB
6 adform.net
c1.adform.net
2 KB
6 2mdn.net
s0.2mdn.net
99 KB
6 redintelligence.net
hal9000.redintelligence.net
hal900029.redintelligence.net
10 KB
5 advertising.com
pixel.advertising.com
2 KB
5 sitescout.com
pixel-sync.sitescout.com
2 KB
5 w55c.net
pm.w55c.net
4 KB
5 1rx.io
sync.1rx.io
1 KB
5 quantserve.com
cms.quantserve.com
pixel.quantserve.com
2 KB
5 hybrid.ai
dm.hybrid.ai
1 KB
5 recreativ.ru
recreativ.ru
1 KB
4 lijit.com
ce.lijit.com
2 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 adotmob.com
sync.adotmob.com
2 KB
4 tapad.com
pixel.tapad.com
1 KB
4 contextweb.com
bh.contextweb.com
2 KB
4 trafmag.com
t.trafmag.com
m.trafmag.com
1 KB
4 uuidksinc.net
s.uuidksinc.net
1 KB
4 acint.net
www.acint.net
acint.net
1 KB
4 sportradarserving.com
a.sportradarserving.com
3 KB
4 theroswaf.com
theroswaf.com
35 KB
4 google-analytics.com
www.google-analytics.com
37 KB
4 ybej5ohp0x.ru
ybej5ohp0x.ru
76 KB
3 liadm.com
i.liadm.com
i6.liadm.com
1 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 dyntrk.com
gu.dyntrk.com
645 B
3 simpli.fi
um.simpli.fi
1 KB
3 semasio.net
uipglob.semasio.net
2 KB
3 erne.co
green.erne.co
770 B
3 amazonaws.com
s3-eu-west-1.amazonaws.com
42 KB
3 rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
888 B
3 servestatic.net
img.servestatic.net
55 KB
3 addthis.com
e.dlx.addthis.com
x.dlx.addthis.com Failed
3 KB
3 adpone.com
hb.adpone.com
283 KB
3 admixer.net
inv-nets.admixer.net
1 KB
3 adhigh.net
px.adhigh.net
1 KB
3 betweendigital.com
ads.betweendigital.com
1 KB
3 digitaltarget.ru
dmg.digitaltarget.ru
3 KB
3 com.ru
rtb.com.ru
3 KB
3 admanmedia.com
sync.admanmedia.com
cs.admanmedia.com
1 KB
3 yadro.ru
counter.yadro.ru
2 KB
3 prodmp.ru
prodmp.ru
2 KB
2 media.net
contextual.media.net
742 B
2 teads.tv
sync.teads.tv
344 B
2 yieldoptimizer.com
tag.yieldoptimizer.com
2 KB
2 alphonso.tv
sync.alphonso.tv
1 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com
1 KB
2 scoota.co
r.scoota.co
1 KB
2 ipredictive.com
sync.ipredictive.com
959 B
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 smaato.net
s.ad.smaato.net
498 B
2 loopme.me
csync.loopme.me
452 B
2 omnitagjs.com
visitor.omnitagjs.com
540 B
2 zemanta.com
b1sync.zemanta.com
654 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 dotomi.com
pubmatic-match.dotomi.com
openx2-match.dotomi.com
207 B
2 fiftyt.com
visitor.fiftyt.com
992 B
2 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
8 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 adition.com
dsp.adfarm1.adition.com
988 B
2 de17a.com
d5p.de17a.com
637 B
2 directadvert.ru
cdn.directadvert.ru
151 KB
2 eskimi.com
dsp-trk.eskimi.com
233 B
2 adriver.ru
ad.adriver.ru
1 KB
2 google.nl
adservice.google.nl
2 KB
2 altergeo.ru
cm.p.altergeo.ru
1 KB
2 aidata.io
x01.aidata.io
2 KB
2 creativecdn.com
creativecdn.com
ams.creativecdn.com
691 B
2 utarget.ru
utarget.ru
55 KB
2 i.ua
r.i.ua
i.i.ua
2 KB
2 dmpprof.com
dmpprof.com
982 B
2 google.de
adservice.google.de
942 B
2 facebook.net
connect.facebook.net
61 KB
2 cloudflare.com
cdnjs.cloudflare.com
35 KB
1 bfmio.com
sync.bfmio.com
408 B
1 rtactivate.com
bpi.rtactivate.com
109 B
1 adentifi.com
rtb.adentifi.com
88 B
1 yieldlab.net
ad.yieldlab.net
360 B
1 rfihub.com
p.rfihub.com
719 B
1 fwmrm.net
dsp.v.fwmrm.net
361 B
1 stickyadstv.com
ads.stickyadstv.com
713 B
1 tremorhub.com
amobee-partners.tremorhub.com
183 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
426 B
1 truoptik.com
dmp.truoptik.com
1 extend.tv
sync.extend.tv
546 B
1 advangelists.com
nep.advangelists.com
232 B
1 adroll.com
d.adroll.com
112 B
1 mrpdata.net
j.mrpdata.net
75 B
1 blismedia.com
tr.blismedia.com
136 B
1 justpremium.com
match.justpremium.com
324 B
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
484 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 stackadapt.com
sync.srv.stackadapt.com
617 B
1 adgrx.com
cm.adgrx.com
408 B
1 criteo.com
dis.criteo.com
284 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
d.agkn.com
aa.agkn.com Failed
665 B
1 contentspread.net
cdn.contentspread.net
77 KB
1 innovid.com
ag.innovid.com
295 B
1 sape.ru
ssp-rtb.sape.ru
649 B
1 redllama.ru
front.redllama.ru
208 B
1 lentainform.com
cm.lentainform.com
623 B
1 idealmedia.io
cm.idealmedia.io
555 B
1 adtelligent.com
ghb.adtelligent.com
414 B
1 googleadservices.com
partner.googleadservices.com
262 B
1 adtcontent.com
ghb.adtcontent.com
2 KB
1 pwrlkyotm.com
pwrlkyotm.com
5 KB
1 mhjcpn.com
mhjcpn.com
19 KB
1 psh.one
newsyou-info.psh.one
4 KB
0 bluekai.com Failed
tags.bluekai.com Failed
0 3lift.com Failed
eb2.3lift.com Failed
0 emxdgt.com Failed
e1.emxdgt.com Failed
762 150
Domain Requested by
74 newsyou.info newsyou.info
pagead2.googlesyndication.com
41 rtb-csync.smartadserver.com 2 redirects ec-ns.sascdn.com
csync.smartadserver.com
eu-u.openx.net
ssum-sec.casalemedia.com
presentation-ams1.turn.com
38 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
cdn.ampproject.org
pagead2.googlesyndication.com
33 cm.g.doubleclick.net 19 redirects newsyou.info
googleads.g.doubleclick.net
eu-u.openx.net
27 a4p.adpartner.pro newsyou.info
a4p.adpartner.pro
22 pagead2.googlesyndication.com newsyou.info
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
srcdoc
19 m.mixadvert.com newsyou.info
m.mixadvert.com
18 ib.adnxs.com 7 redirects hb.adpone.com
acdn.adnxs.com
presentation-ams1.turn.com
ssum-sec.casalemedia.com
17 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
presentation-ams1.turn.com
17 x.bidswitch.net 17 redirects
16 zn2.2xclick.ru newsyou.info
14 us-u.openx.net 2 redirects eu-u.openx.net
presentation-ams1.turn.com
14 fonts.gstatic.com fonts.googleapis.com
newsyou.info
13 vyd5aaalwd.ru newsyou.info
13 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
13 fonts.googleapis.com newsyou.info
googleads.g.doubleclick.net
13 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
newsyou.info
googleads.g.doubleclick.net
www.googletagservices.com
12 id5-sync.com 10 redirects csync.smartadserver.com
12 ec-ns.sascdn.com csync.smartadserver.com
12 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
12 fcgi5.gnezdo.ru news.2xclick.ru
newsyou.info
11 eu-u.openx.net 2 redirects hb.adpone.com
eu-u.openx.net
ec-ns.sascdn.com
10 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
presentation-ams1.turn.com
10 cookie-matching.mediarithmics.com 8 redirects csync.smartadserver.com
ec-ns.sascdn.com
10 match.prod.bidr.io 10 redirects
10 match.adsrvr.org 7 redirects eu-u.openx.net
ssum-sec.casalemedia.com
10 cm.mgid.com 4 redirects jsc.mgid.com
newsyou.info
10 securepubads.g.doubleclick.net theroswaf.com
securepubads.g.doubleclick.net
newsyou.info
www.googletagservices.com
10 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
9 image2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
9 data.24smi.net jsn.24smi.net
newsyou.info
9 jsn.24smi.net newsyou.info
jsn.24smi.net
8 sync-tm.everesttech.net 6 redirects csync.smartadserver.com
8 track1.aniview.com newsyou.info
player.aniview.com
8 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
hb.adpone.com
7 ssum-sec.casalemedia.com 4 redirects ec-ns.sascdn.com
ssum-sec.casalemedia.com
7 image6.pubmatic.com 4 redirects ads.pubmatic.com
7 dkrbus.com newsyou.info
7 fcgi4.gnezdo.ru newsyou.info
7 sync.1dmp.io 2 redirects newsyou.info
news.2xclick.ru
7 video-native.mgid.com jsc.mgid.com
newsyou.info
video-native.mgid.com
7 s-img.mgid.com newsyou.info
7 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
7 news.gnezdo.ru newsyou.info
news.2xclick.ru
6 sync.tidaltv.com 6 redirects
6 secure.adnxs.com 5 redirects ssum-sec.casalemedia.com
6 c1.adform.net 5 redirects image6.pubmatic.com
6 ads.pubmatic.com hb.adpone.com
ads.pubmatic.com
6 pubads.g.doubleclick.net imasdk.googleapis.com
6 s0.2mdn.net imasdk.googleapis.com
6 mc.yandex.ru 1 redirects newsyou.info
mc.yandex.ru
6 servicer.mgid.com jsc.mgid.com
player.aniview.com
5 pixel.advertising.com 4 redirects eu-u.openx.net
5 pixel-sync.sitescout.com 5 redirects
5 ups.analytics.yahoo.com 3 redirects presentation-ams1.turn.com
5 pm.w55c.net 5 redirects
5 sync.1rx.io 3 redirects eu-u.openx.net
presentation-ams1.turn.com
5 hal900029.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900029.redintelligence.net
5 rtb.openx.net 4 redirects eu-u.openx.net
5 dm.hybrid.ai newsyou.info
news.2xclick.ru
5 recreativ.ru 2 redirects newsyou.info
recreativ.ru
4 ce.lijit.com 2 redirects presentation-ams1.turn.com
eu-u.openx.net
4 sync.adotmob.com 4 redirects
4 ad.turn.com 2 redirects ec-ns.sascdn.com
4 pr-bh.ybp.yahoo.com ads.pubmatic.com
eu-u.openx.net
ssum-sec.casalemedia.com
4 pixel.tapad.com 3 redirects image6.pubmatic.com
4 bh.contextweb.com 4 redirects
4 pixel.quantserve.com 4 redirects
4 sync.mathtag.com 4 redirects
4 c.mgid.com newsyou.info
4 s.uuidksinc.net 2 redirects newsyou.info
4 a.sportradarserving.com 4 redirects
4 theroswaf.com newsyou.info
4 jsc.mgid.com newsyou.info
4 www.google-analytics.com newsyou.info
www.google-analytics.com
a4p.adpartner.pro
4 ybej5ohp0x.ru newsyou.info
ybej5ohp0x.ru
3 pixel.onaudience.com 3 redirects
3 gu.dyntrk.com csync.smartadserver.com
eu-u.openx.net
ec-ns.sascdn.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 uipglob.semasio.net 2 redirects ads.pubmatic.com
3 match.taboola.com 2 redirects image6.pubmatic.com
3 trc.taboola.com 3 redirects
3 green.erne.co 3 redirects
3 csync.smartadserver.com hb.adpone.com
3 acdn.adnxs.com hb.adpone.com
3 s3-eu-west-1.amazonaws.com newsyou.info
s3-eu-west-1.amazonaws.com
3 adpone-d.openx.net hb.adpone.com
3 fastlane.rubiconproject.com hb.adpone.com
3 prg.smartadserver.com hb.adpone.com
3 hbopenbid.pubmatic.com hb.adpone.com
3 img.servestatic.net newsyou.info
3 pixel.rubiconproject.com 2 redirects presentation-ams1.turn.com
3 e.dlx.addthis.com 3 redirects
3 hb.adpone.com newsyou.info
s3-eu-west-1.amazonaws.com
3 inv-nets.admixer.net 3 redirects
3 px.adhigh.net 1 redirects newsyou.info
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 ads.betweendigital.com 3 redirects
3 www.acint.net 3 redirects
3 dmg.digitaltarget.ru 2 redirects pwrlkyotm.com
3 rtb.com.ru 3 redirects
3 counter.yadro.ru 2 redirects newsyou.info
3 prodmp.ru 2 redirects pwrlkyotm.com
3 cdn.mgid.com newsyou.info
2 simage4.pubmatic.com ads.pubmatic.com
2 contextual.media.net presentation-ams1.turn.com
2 i.liadm.com 2 redirects
2 sync.teads.tv eu-u.openx.net
presentation-ams1.turn.com
2 tag.yieldoptimizer.com 1 redirects presentation-ams1.turn.com
2 sync.alphonso.tv 1 redirects presentation-ams1.turn.com
2 sync.search.spotxchange.com 1 redirects presentation-ams1.turn.com
2 r.turn.com presentation-ams1.turn.com
2 sb.scorecardresearch.com 2 redirects
2 d.turn.com 1 redirects presentation-ams1.turn.com
2 r.scoota.co 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 sync.ipredictive.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects eu-u.openx.net
2 sync.crwdcntrl.net 2 redirects
2 presentation-ams1.turn.com ad.turn.com
2 s.ad.smaato.net csync.smartadserver.com
ec-ns.sascdn.com
2 cs.admanmedia.com csync.smartadserver.com
ec-ns.sascdn.com
2 csync.loopme.me 2 redirects
2 visitor.omnitagjs.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects ec-ns.sascdn.com
2 d5p.de17a.com 2 redirects
2 id.rlcdn.com 2 redirects
2 cdn.directadvert.ru newsyou.info
2 zn2.gnezdo.ru newsyou.info
2 m.trafmag.com newsyou.info
2 dsp-trk.eskimi.com newsyou.info
2 t.trafmag.com newsyou.info
2 www.google.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
2 ad.adriver.ru 2 redirects
2 adservice.google.nl securepubads.g.doubleclick.net
2 mixadvert.com newsyou.info
2 cm.p.altergeo.ru 2 redirects
2 x01.aidata.io 2 redirects
2 player.aniview.com jsc.mgid.com
player.aniview.com
2 utarget.ru newsyou.info
utarget.ru
2 dmpprof.com pwrlkyotm.com
2 adservice.google.de pagead2.googlesyndication.com
2 connect.facebook.net newsyou.info
connect.facebook.net
2 cdnjs.cloudflare.com newsyou.info
2 news.2xclick.ru newsyou.info
1 spl.zeotap.com ads.pubmatic.com
1 sync.bfmio.com presentation-ams1.turn.com
1 bpi.rtactivate.com presentation-ams1.turn.com
1 i6.liadm.com presentation-ams1.turn.com
1 idsync.rlcdn.com presentation-ams1.turn.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 ad.yieldlab.net eu-u.openx.net
1 p.rfihub.com 1 redirects
1 dsp.v.fwmrm.net presentation-ams1.turn.com
1 ads.stickyadstv.com presentation-ams1.turn.com
1 amobee-partners.tremorhub.com presentation-ams1.turn.com
1 synchroscript.deliveryengine.adswizz.com presentation-ams1.turn.com
1 dmp.truoptik.com presentation-ams1.turn.com
1 sync.extend.tv 1 redirects
1 nep.advangelists.com 1 redirects
1 d.adroll.com 1 redirects
1 j.mrpdata.net eu-u.openx.net
1 tr.blismedia.com eu-u.openx.net
1 match.justpremium.com eu-u.openx.net
1 openx2-match.dotomi.com eu-u.openx.net
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 odr.mookie1.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cdn.contentspread.net hal900029.redintelligence.net
1 fcgi5.2xclick.ru newsyou.info
1 ag.innovid.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 go1.aniview.com player.aniview.com
1 token.rubiconproject.com eus.rubiconproject.com
1 f948bd9696d8d612fa1fb46b776024a4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net newsyou.info
1 www.gstatic.com googleads.g.doubleclick.net
1 acint.net 1 redirects
1 ssp-rtb.sape.ru 1 redirects
1 3a6abf2073eefe788fd8f678a351018c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 front.redllama.ru 1 redirects
1 an.yandex.ru 1 redirects
1 cm.lentainform.com newsyou.info
1 sync.admanmedia.com newsyou.info
1 ams.creativecdn.com 1 redirects
1 creativecdn.com 1 redirects
1 cm.idealmedia.io newsyou.info
1 secure-assets.rubiconproject.com 1 redirects
1 i.i.ua newsyou.info
1 r.i.ua 1 redirects
1 ghb.adtelligent.com newsyou.info
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ghb.adtcontent.com jsc.mgid.com
1 pwrlkyotm.com ybej5ohp0x.ru
1 mhjcpn.com newsyou.info
1 newsyou-info.psh.one newsyou.info
0 tags.bluekai.com Failed presentation-ams1.turn.com
0 x.dlx.addthis.com Failed presentation-ams1.turn.com
0 eb2.3lift.com Failed presentation-ams1.turn.com
0 aa.agkn.com Failed presentation-ams1.turn.com
0 e1.emxdgt.com Failed presentation-ams1.turn.com
762 216
Subject Issuer Validity Valid
newsyou.info
AlphaSSL CA - SHA256 - G2		 2021-02-23 -
2022-03-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
psh.one
R3		 2021-01-25 -
2021-04-25		 3 months crt.sh
mwcjzvmrtv.ru
R3		 2021-01-07 -
2021-04-07		 3 months crt.sh
mhjcpn.com
R3		 2021-02-04 -
2021-05-05		 3 months crt.sh
*.24smi.net
AlphaSSL CA - SHA256 - G2		 2021-01-02 -
2022-02-03		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
news.2xclick.ru
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh
m.mixadvert.com
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2020-08-14 -
2021-09-06		 a year crt.sh
news.gnezdo.ru
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
pwrlkyotm.com
R3		 2021-01-18 -
2021-04-18		 3 months crt.sh
adpartner.pro
R3		 2021-02-26 -
2021-05-27		 3 months crt.sh
theroswaf.com
Amazon		 2021-01-06 -
2022-02-03		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
ghb.adtcontent.com
R3		 2021-01-15 -
2021-04-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
prodmp.ru
R3		 2021-02-02 -
2021-05-03		 3 months crt.sh
ghb.adtelligent.com
R3		 2021-01-06 -
2021-04-06		 3 months crt.sh
dmpprof.com
R3		 2021-01-18 -
2021-04-18		 3 months crt.sh
fcgi5.gnezdo.ru
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
counter.yadro.ru
R3		 2021-01-13 -
2021-04-13		 3 months crt.sh
i.ua
R3		 2020-12-15 -
2021-03-15		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.utarget.ru
Sectigo RSA Domain Validation Secure Server CA		 2020-06-04 -
2021-06-30		 a year crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2020-09-13 -
2021-10-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-05 -
2022-01-18		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2020-04-20 -
2021-06-19		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
mixadvert.com
R3		 2021-01-31 -
2021-05-01		 3 months crt.sh
dmg.digitaltarget.ru
R3		 2021-01-18 -
2021-04-18		 3 months crt.sh
*.google.nl
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
zn2.2xclick.ru
R3		 2021-02-17 -
2021-05-18		 3 months crt.sh
sync.1dmp.io
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
fcgi4.gnezdo.ru
R3		 2021-02-07 -
2021-05-08		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
dkrbus.com
R3		 2021-02-04 -
2021-05-05		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-15 -
2021-06-21		 a year crt.sh
uuidksinc.net
R3		 2021-02-17 -
2021-05-18		 3 months crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-10-05 -
2021-04-13		 6 months crt.sh
*.adhigh.net
Sectigo RSA Domain Validation Secure Server CA		 2020-06-19 -
2021-04-19		 10 months crt.sh
redintelligence.net
R3		 2021-02-19 -
2021-05-20		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
directadvert.ru
R3		 2021-01-27 -
2021-04-27		 3 months crt.sh
fnhffxhnqd.com
R3		 2021-01-29 -
2021-04-29		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
cdn.contentspread.net
Go Daddy Secure Certificate Authority - G2		 2020-07-08 -
2021-07-08		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-04 -
2021-08-09		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-29 -
2021-04-14		 5 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2020-05-08 -
2022-05-25		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.turn.com
DigiCert SHA2 Secure Server CA		 2020-03-18 -
2021-04-19		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
gu.dyntrk.com
R3		 2021-02-09 -
2021-05-10		 3 months crt.sh
*.mediarithmics.com
Gandi Standard SSL CA 2		 2021-02-17 -
2022-03-01		 a year crt.sh
h2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-02-11 -
2021-04-20		 2 months crt.sh
*.id5-sync.com
R3		 2020-12-26 -
2021-03-26		 3 months crt.sh
s.ad.smaato.net
Amazon		 2020-04-15 -
2021-05-15		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
tr.blismedia.com
GTS CA 1D2		 2021-03-03 -
2021-06-01		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
*.mrpdata.net
Amazon		 2020-12-04 -
2022-01-02		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.truoptik.com
Go Daddy Secure Certificate Authority - G2		 2020-10-19 -
2021-11-20		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon		 2020-04-14 -
2021-05-14		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-24 -
2021-04-20		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
*.alphonso.tv
R3		 2021-01-14 -
2021-04-14		 3 months crt.sh
*.yieldoptimizer.com
Go Daddy Secure Certificate Authority - G2		 2020-12-14 -
2022-01-15		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2020-02-04 -
2021-05-05		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2020-02-25 -
2021-05-26		 a year crt.sh
rtactivate.com
Amazon		 2020-06-11 -
2021-07-11		 a year crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh

This page contains 102 frames:

Primary Page: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Frame ID: 213C0C5F803A0407221DB393413D278C
Requests: 283 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0F9C14CEA9EBC4385B388AAE42B26A90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/zrt_lookup.html
Frame ID: 905594F0ED5CF29AA525572FD6B2DEEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=3025194257&lmt=1614865271&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&ea=0&flash=0&pra=5&wgl=1&dt=1614865271214&bpp=14&bdt=523&idt=311&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2911950995705&frm=20&pv=2&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=325
Frame ID: CE53D75DF8DA4807F94C840854A8A12B
Requests: 1 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Frame ID: B37F7209F7DF2FA788EBB286CDE858DA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Frame ID: B893A6545C3B75CDADCF3FF82C5C6ED9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 62162B064F05EFFBC0E323FC92E6191E
Requests: 11 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=5687&unit_id=6566&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Frame ID: D75FF8819328586A936FD5EA317BC940
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=613&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Frame ID: B5224BC30EECED23E82144F0E9B94640
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=2490&unit_id=2490&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Frame ID: 7185CE68E4C4979FF2F4E0A65E7892B1
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=2501&unit_id=2501&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Frame ID: 49A474FA08DB2E0A4702E4E6A365B0CC
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1614865271782420752512
Frame ID: 9FFAFDA5277234B2626B41948AEAB47F
Requests: 1 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Frame ID: DCC37FFAED0CDBE32D64FBDE72861F32
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Frame ID: C9AA47A43EF238CEA23FDF2E9EB22E3B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Frame ID: 9625913CEA8686CA20D925B02AAABE39
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 0995BDE78C72DF5420B71503432F026A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Frame ID: 0F41A67BC6280B5716806DDBD4B84408
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1C6A8BEB45E227A3F7B52B6B3AD7B2BF
Requests: 11 HTTP requests in this frame

Frame: https://news.gnezdo.ru/src/gnezdo_logo.png
Frame ID: F68A8BE389565EEEFE79BD004E99B5DB
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CYqZUd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEhQJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIZPbNCURkZs8ccZU1Ya_4y80gSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi01OTk0Njk3MDI4MzgwNjA5&sigh=VIkPsXbR7ak&tpd=AGWhJmsWOEEBkOeCLm4mQeJXYMk5WUfHOFmTeVD78b3V9hkf_HCg3bTtq8dvfRXIU1y81mRg3STbN2Fb_GRtuYX1PPjnXkGOPUbhM6SpYpvyGZxSFCfjcCUXMJilswEhCJY7TG0eP5Ms-z7ivpHLxyd32s5HYUsNcad47lun0cDDLTC8qk5S9ICW7t6AueN1oqt4zZo3znEP-zhf8aPkvMenZMVvstAQ3z9E13WwecmojicFT53wZIs9-WQpc2bdd66VIAazD7Mdw9kUHQmYNYBLEKq10Pxl6SoiCF7u39ITiCwNj0F2phIAXMwkNU1LNx9J4psY5z8se6i_SqzEZbK-he6iGgM-0RwZMPdfjAm_fx-m_Bh4jaSwefdePL4kt_xSmux9-ro01XEjlqoiJoS7_ekie76mXtZfDMGabUSZ5btgw-KZ3agk3bYbpI9m3fj3Rq_nAu3_2PoEcbjO2IX-KXM9jb-JdFu1xT-iLarXGu4zjrJ_yhmHvKvG3GZkJOS_B9CxoiY1GZX35IiMauEhFoMSEfyPo2vw54n7AW4eOf7MQ0M8Luo4m-rDfyUsiVWfMVwMpupHVc1s4RIwLfsgknA1PoqMTnRtY1Nc9GqJiX2OeCI0hijDcnRIhDYB3NDV8F12BRB7Ah857BckhAu-80l0cUXUpPwmxvNHFJwb7A-uGrBppsZMcIsV-rIuLWjp_AG4AlhIaWEgUXGDq6t_2bTAZFU5AuGrrBHC_xXZN5oKXazObM9UozIxklSlkixGZVawptaFwMPN71Wdb6pq5xPXoQKfh4OBfo8M_-CtWfOSaDzCIFy4qd9IB7RH_DIX0HTfuhw19Irfv16SGuWqg3UkOpBSSPRGWyV636iiMrLxFwc_zqipi51XwFRxPTaU9VxQLJE1rsi32gkD40g9KUlA3FQTIMkGGgvYgMaJ04ag3GllO8cE-FYVojm_-v9HNWfRKbzcVQtM4cjJbHkxzyd0Zj6BfUYzqOsI4kB9_qWjbo4EnS6emvOqHdVjb_qdrHjl2PHbDpUlTxLs2Gz3nPPfa_0
Frame ID: E1733135909FBD48840520136E1B8085
Requests: 12 HTTP requests in this frame

Frame: https://news.gnezdo.ru/src/gnezdo_logo.png
Frame ID: 70F1E3053B72AB5E48BF192C78D78819
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQhCrPNQh5Z3f847-LQ26PckeqcB4ukG1UrRQ0foIslG5b8B7IGPHPzoLZ3uwMHn0561klTFGcy36bTceH0rGRQHwlzbz3If7vSSBrhIz1NCpJqI99KmoRiycJe780oVylFFlPLFnQWyFxQQA3smFYiIEdvzRzY1yopHbhzTG4at9igY5iusAaRRbrR8-A60jkbA8jAz91udFINj0D5cKbxdSsc4ZQIT7A0cDP9aS_CWBkt58Ic_0wea-frCSS_mszXNt6o8GWofoagHxVb0ScfroDVGMC6DPJNRi8nlwqQKu3Q0k&sig=Cg0ArKJSzISup9jlDTxBEAE&adurl=
Frame ID: 9E6B2302FF1AC97F2220D74F406488B1
Requests: 8 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: EC23BC999934C41DF3247423EBE3748D
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/src/gnezdo_logo.png
Frame ID: 755766A2FFCA7E424F44E85A366FFBBB
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22e7ebd1bd-dfa6-4723-b956-5a719c615286%22%7D%5D%2C%22unit_id%22%3A6566%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Frame ID: BE70F4FD29D818EE7D253DC2750D1F45
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22e7ebd1bd-dfa6-4723-b956-5a719c615286%22%7D%5D%2C%22unit_id%22%3A6566%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Frame ID: 01BA8119D88A5466D7125E4C41FFDD98
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22656d2eb9-af9b-462f-b888-70ff2c0286bc%22%7D%5D%2C%22unit_id%22%3A2490%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Frame ID: 014A0AB9C337804E8ADE3C1EE37CED5C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d5474493-3d1f-4a7a-933e-4ea80ff20524%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2234766dc2-7c64-4d1a-8134-c9f4675ac2bc%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2214e139f1-9808-4f75-8533-270303060402%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%220d59fa9a-8e6a-41eb-8926-e989b50d0cac%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Frame ID: E0C4CB5232CAE7964B5AD69C6AFC078E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB4B9E25E6A20AE2F21CDE0EE5E4C6BB
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224c9c6d66-5ddd-48e0-886d-66a7b078b1fd%22%7D%5D%2C%22unit_id%22%3A2501%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Frame ID: 9ADC40B9FA03484E2DFCCD6DA654DF0D
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/src/gnezdo_logo.png
Frame ID: 5D18CAEBBB77EF301F254416242FDDF0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 7CC23657AB46D9AA91706636F47730B6
Requests: 2 HTTP requests in this frame

Frame: https://news.gnezdo.ru/src/gnezdo_logo.png
Frame ID: 47F840388C86B6CF00816F699FC6E6A8
Requests: 6 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225714041f-fb71-482f-9451-faede8d748d9%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2290bacb26-7663-4763-9364-2b1e1e8de653%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b2caddba-3088-4802-b728-797be304f42b%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%227f345d97-c863-4e48-bfeb-18921541c119%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php%22%7D
Frame ID: 67FA7BC2D735D562C82BECA578ECD357
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225714041f-fb71-482f-9451-faede8d748d9%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2290bacb26-7663-4763-9364-2b1e1e8de653%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b2caddba-3088-4802-b728-797be304f42b%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%227f345d97-c863-4e48-bfeb-18921541c119%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php%22%7D
Frame ID: 3C86B55188D8DBAFF28E190A64586F90
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/src/gnezdo_logo.png
Frame ID: CDFF17F0D6F9380382F6602A90E84018
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu247EcQ_35-BOX9rIQkXUc2CagmUuamH0REthIOzEtm5tObMYo9a4BwO7GQpZWK3dU2G6aFeJ11ocy6zyt46iKyJrmNrzXAFoODuJTclIwdm468EhKjK2WQEQ-gLSCMfOPB8Vsj-i7LHSGqmdskmfONDcbHByIHAzJVnDDrbaL9JZ2mH_DLJNF-IyGSjd9Rdh9CpRc1yQVFsXmZSphCx7WOGH13YGD1kewQnPom3akzjzaVwsCM1idj7EvffzsvnbE07vdsNxX_68Rcn3TZNKiA3Eu4pnpFK1bOoP8fW_laCxKlIErz8UzKYnl&sig=Cg0ArKJSzAScnLHfoEm9EAE&urlfix=1&adurl=
Frame ID: A7D2B736B3AB0D8AFAA75CEA16ED05DC
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 9411BB5F27EA20CD1EDCC9BA1D133C43
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4A2EE266D4FC14BE701808573EEB77E4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 81BD3057B9A1448A20D0FB58FEE3E107
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B56E4F4A8D2EC7262705FB9679FBB810
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8BB50F139F0B0F513307A7D91178A613
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 1867D6E6D1082D223D86C708AE30DD78
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 7B5D7AE261DE84E4E998C08F263E1A83
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 82DA44B248395C6BB679ED69EB7FF534
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AF52C5D550E60949552E70BF96862A6A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B6E6C4F0DB31C62A33ABB6A1EC3779B4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5F5132B1771A74DFE2A47C301E82DF4D
Requests: 1 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=97357500141172000951407011523029&a=d39e1b15
Frame ID: 9903DD5B799558541887B6F07028ACEA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9DF75F5901E890141157663EB70A4BB0
Requests: 9 HTTP requests in this frame

Frame: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Frame ID: F224DC00A7987DE09E779F6799DE0C10
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3BA4C592AF21A373D9272AC80C77C587
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8040864467408F61D77C7A9BC728A6E6
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BABF29E5074B13E199D02048FE3E204F
Requests: 3 HTTP requests in this frame

Frame: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral040.js
Frame ID: 045859B2193DBD6DDE8B0B95E936A011
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 7A92134A2711BFB47360BE208EB94940
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: E7850E1E412C108CA0A8E0387ED6B95A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 61ABBAD7AC22C79CA7D0161ACF7F00B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2A30ED7B7502F8469973112BAB8D824B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CF5E543EAE2782EE6655038F516C6C9D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5D8936CC2AE9ADD0311647777087289E
Requests: 1 HTTP requests in this frame

Frame: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/adidas_300x250.jpg
Frame ID: E22BAC0B49752112C5D25BE43772D9F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: B35ECF31F43A2D039762BD129AEE9691
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CEFF13BB00C5884592FE2320AAB483F1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CB6CA20755C9A43B5E4ADB8AD1018B6A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D1CBEA292CB4576A67D34E7EB18C94A0
Requests: 25 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Frame ID: 6DB1D125212CF8C7E61A517E6E82056C
Requests: 5 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: F9D0384FDF363014F47EA250C05EB6E7
Requests: 7 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 56378B7B2D79B41F0246F93C534AD235
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6948537625980446964
Frame ID: 73A1053A9912438A7A32C5A6CE51CB40
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE6L07AgccAAA-5rlqKhg
Frame ID: 649B9D925B7624276B0C92F8DD9E3F22
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935793556483864722
Frame ID: 1C53CD51C6A7F21AB3AB97AC7EE410D4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rlh2o3d2ezcMAbeqkDqbWak1
Frame ID: 5E51CDA1A30528E909B33D59606EDEBA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 15C0320C7654F66F4824B18B870ECB7D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C84B976517EA6989858725167774028A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EA72DBEB55E3B38451FC933A74401DEB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=r3J1dIL8TJ4c&pid=557219
Frame ID: DC5606536343FCF1759809A7FE401964
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: D9B343710A56B9EF36A647BA66D66C98
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OWqa8W8g1LhOeb5&gdpr=0&gdpr_consent=
Frame ID: A86F7E422FAA57D56F8848A126F2A390
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 0B1210732CE49BAEB7195E0905D20E87
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1F4AF561F2977403EADA4AAB3F407B6C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 974E5811A1E152105F49F42E0AA50FA5
Requests: 2 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Frame ID: A31D44F55CEF8CB24C153AABCD5E2046
Requests: 28 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 5A32A65D8F5DB11F171E6BCB3E84F340
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 633BA223D69EE6004E098F07C172AE03
Requests: 3 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
Frame ID: 329727234DC63A4681A00E68897155F9
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 000A1690A23471FE9BFAC535548A9581
Requests: 8 HTTP requests in this frame

Frame: https://ad.turn.com/server/pixelssl.htm?fpid=33&gdpr=0&gdpr_consent=
Frame ID: 79EFBA452A4873842B193184BD126E97
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Frame ID: 408D4670C1FA3B1486191656533CCFB6
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 97C236D2E2560D6AC1C47E3CC92E0E58
Requests: 3 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Frame ID: 1FDFF96CEC4F290D006A1E2F0FC2E579
Requests: 26 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 412B40727AC7106D1F065BD440B6E683
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 54351130CF65EF0B43F7C132265643A7
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: FEA0874016D7CA55BFDCF99136D3C8BA
Requests: 7 HTTP requests in this frame

Frame: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Frame ID: 95DB7D45780F198FA2DA9C39DC975535
Requests: 19 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
Frame ID: 5AA33E5D117CD33FDD7484B33B34ED87
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: D374863C625398DB96E0612D615B86C6
Requests: 8 HTTP requests in this frame

Frame: https://ad.turn.com/server/pixelssl.htm?fpid=33&gdpr=0&gdpr_consent=
Frame ID: 4C2D5E12903CF0435453BB3BE2D3BD87
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Frame ID: 452F92FFCE7333D6F171A43B30FD986B
Requests: 10 HTTP requests in this frame

Frame: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Frame ID: B94D7D5E25A5250F67A41DEE702B5BB9
Requests: 17 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D
Frame ID: 3014A8293FB5086F16FD2404D844CFAD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5819A7E1708643309C45C250B27B6D04
Frame ID: 5EA8FB466345D1EEE007761C2203DC4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

762
Requests

99 %
HTTPS

20 %
IPv6

150
Domains

216
Subdomains

137
IPs

15
Countries

22703 kB
Transfer

32705 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=200&slotname=5334027434&adk=3283282604&adf=1790009821&pi=t.ma~as.5334027434&w=1200&fwrn=4&lmt=1614865271&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-header-top.php&wgl=1&dt=1614865271228&bpp=4&bdt=536&idt=426&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qutu8nXkHD&p=https%3A//newsyou.info&dtd=435 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Request Chain 147
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=381&slotname=5991095728&adk=2965852602&adf=4142840601&pi=t.ma~as.5991095728&w=613&lmt=1614865271&rafmt=11&psa=0&format=613x381&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&dt=1614865271233&bpp=1&bdt=541&idt=571&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200%2C580x280&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=175&ady=1073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=IF0t2lnkvd&p=https%3A//newsyou.info&dtd=578 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Request Chain 166
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto;0.13905199362256182 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto;0.13905199362256182
Request Chain 167
  • https://r.i.ua/s?u224079&p264&n0.43244163004138714&c1&d24&w1600&h1200&rnewsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto HTTP 302
  • https://i.i.ua/r/3_3_1.png
Request Chain 176
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 177
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=3cd15a73-aa61-4545-860e-f3ef3d8e06e9&ttl=1617457272
Request Chain 179
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=VDqWuFKLq9Rvr5E5Vtrg&pi=mgid&tc=1
Request Chain 180
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l24bsvSOBxF5 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l24bsvSOBxF5 HTTP 302
  • https://sync.admanmedia.com/bidswitch.gif?puid=857eb125-2651-408a-b610-17af96be296a&redir=[RED]
Request Chain 181
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=26822da5-8155-40f6-8d5b-9ce549a1142d&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=857eb125-2651-408a-b610-17af96be296a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDI0YnN2U09CeEY1&muidn=l24bsvSOBxF5 HTTP 302
  • https://cm.mgid.com/google?muidn=l24bsvSOBxF5&google_ula={guid},5&google_gid=CAESEDOdn6QdBJQi3gYZIcOMVFc&google_cver=1
Request Chain 195
  • https://rtb.com.ru/prodmp-client-sync HTTP 302
  • https://rtb.com.ru/sync?sspKey=45&sspUserID=6040e3781504a073555fa692 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=6040e3781504a073555fa692&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6040e3781504a073555fa692%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D6040e3781504a073555fa692%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D6040e3781504a073555fa692%252526i%25253D5449001078785470105%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D6040e3781504a073555fa692%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D6040e3781504a073555fa692%2525252526nc%252525253D8184080794480782815%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Ffront.redllama.ru%25252525252Fapi%25252525252FPixel%25252525252FTraffic%25252525252F%25252525253FsystemName%25252525253DAdspend%252525252526id%25252525253D6040e3781504a073555fa692%252525252526red%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fmc.yandex.ru%2525252525252Fwatch%2525252525252F65195605 HTTP 302
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6040e3781504a073555fa692%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D6040e3781504a073555fa692%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D6040e3781504a073555fa692%252526i%25253D5449001078785470105%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D6040e3781504a073555fa692%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D6040e3781504a073555fa692%2525252526nc%252525253D8184080794480782815%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Ffront.redllama.ru%25252525252Fapi%25252525252FPixel%25252525252FTraffic%25252525252F%25252525253FsystemName%25252525253DAdspend%252525252526id%25252525253D6040e3781504a073555fa692%252525252526red%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fmc.yandex.ru%2525252525252Fwatch%2525252525252F65195605&google_gid=CAESEHChEVgoxau51fvKi3Me87A&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=6040e3781504a073555fa692&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6040e3781504a073555fa692%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6040e3781504a073555fa692%2526i%253D5449001078785470105%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6040e3781504a073555fa692%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6040e3781504a073555fa692%25252526nc%2525253D8184080794480782815%25252526url%2525253Dhttps%252525253A%252525252F%252525252Ffront.redllama.ru%252525252Fapi%252525252FPixel%252525252FTraffic%252525252F%252525253FsystemName%252525253DAdspend%2525252526id%252525253D6040e3781504a073555fa692%2525252526red%252525253Dhttps%25252525253A%25252525252F%25252525252Fmc.yandex.ru%25252525252Fwatch%25252525252F65195605 HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=6040e3781504a073555fa692&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6040e3781504a073555fa692%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6040e3781504a073555fa692%2526i%253D5449001078785470105%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6040e3781504a073555fa692%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6040e3781504a073555fa692%25252526nc%2525253D8184080794480782815%25252526url%2525253Dhttps%252525253A%252525252F%252525252Ffront.redllama.ru%252525252Fapi%252525252FPixel%252525252FTraffic%252525252F%252525253FsystemName%252525253DAdspend%2525252526id%252525253D6040e3781504a073555fa692%2525252526red%252525253Dhttps%25252525253A%25252525252F%25252525252Fmc.yandex.ru%25252525252Fwatch%25252525252F65195605&dsp_provider_id=2 HTTP 302
  • https://prodmp.ru/li?guid=B8D17A35233D3563E8E3&uid=6040e3781504a073555fa692&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6040e3781504a073555fa692%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6040e3781504a073555fa692%2526i%253D5449001078785470105%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6040e3781504a073555fa692%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6040e3781504a073555fa692%25252526nc%2525253D8184080794480782815%25252526url%2525253Dhttps%252525253A%252525252F%252525252Ffront.redllama.ru%252525252Fapi%252525252FPixel%252525252FTraffic%252525252F%252525253FsystemName%252525253DAdspend%2525252526id%252525253D6040e3781504a073555fa692%2525252526red%252525253Dhttps%25252525253A%25252525252F%25252525252Fmc.yandex.ru%25252525252Fwatch%25252525252F65195605&dsp_provider_id=2 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/6040e3781504a073555fa692?sign=61718f21&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6040e3781504a073555fa692%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6040e3781504a073555fa692%2526i%253D5449001078785470105%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6040e3781504a073555fa692%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6040e3781504a073555fa692%25252526nc%2525253D8184080794480782815%25252526url%2525253Dhttps%252525253A%252525252F%252525252Ffront.redllama.ru%252525252Fapi%252525252FPixel%252525252FTraffic%252525252F%252525253FsystemName%252525253DAdspend%2525252526id%252525253D6040e3781504a073555fa692%2525252526red%252525253Dhttps%25252525253A%25252525252F%25252525252Fmc.yandex.ru%25252525252Fwatch%25252525252F65195605 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=6040e3781504a073555fa692&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D6040e3781504a073555fa692%26i%3D5449001078785470105%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D6040e3781504a073555fa692%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D6040e3781504a073555fa692%252526nc%25253D8184080794480782815%252526url%25253Dhttps%2525253A%2525252F%2525252Ffront.redllama.ru%2525252Fapi%2525252FPixel%2525252FTraffic%2525252F%2525253FsystemName%2525253DAdspend%25252526id%2525253D6040e3781504a073555fa692%25252526red%2525253Dhttps%252525253A%252525252F%252525252Fmc.yandex.ru%252525252Fwatch%252525252F65195605 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=6040e3781504a073555fa692&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D6040e3781504a073555fa692%26i%3D5449001078785470105%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D6040e3781504a073555fa692%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D6040e3781504a073555fa692%252526nc%25253D8184080794480782815%252526url%25253Dhttps%2525253A%2525252F%2525252Ffront.redllama.ru%2525252Fapi%2525252FPixel%2525252FTraffic%2525252F%2525253FsystemName%2525253DAdspend%25252526id%2525253D6040e3781504a073555fa692%25252526red%2525253Dhttps%252525253A%252525252F%252525252Fmc.yandex.ru%252525252Fwatch%252525252F65195605&bounce=1 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=6040e3781504a073555fa692&i=5449001078785470105&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D6040e3781504a073555fa692%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D6040e3781504a073555fa692%2526nc%253D8184080794480782815%2526url%253Dhttps%25253A%25252F%25252Ffront.redllama.ru%25252Fapi%25252FPixel%25252FTraffic%25252F%25253FsystemName%25253DAdspend%252526id%25253D6040e3781504a073555fa692%252526red%25253Dhttps%2525253A%2525252F%2525252Fmc.yandex.ru%2525252Fwatch%2525252F65195605 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=1QqLH.BWOnKa8Ib7A2IV&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D6040e3781504a073555fa692%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D6040e3781504a073555fa692%2526nc%253D8184080794480782815%2526url%253Dhttps%25253A%25252F%25252Ffront.redllama.ru%25252Fapi%25252FPixel%25252FTraffic%25252F%25253FsystemName%25253DAdspend%252526id%25253D6040e3781504a073555fa692%252526red%25253Dhttps%2525253A%2525252F%2525252Fmc.yandex.ru%2525252Fwatch%2525252F65195605 HTTP 302
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEGhh0aZcTheuFVJrbb6cxRU&ver=1&google_error=&code=224&ts=1QqLH.BWOnKa8Ib7A2IV&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D6040e3781504a073555fa692%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D6040e3781504a073555fa692%2526nc%253D8184080794480782815%2526url%253Dhttps%25253A%25252F%25252Ffront.redllama.ru%25252Fapi%25252FPixel%25252FTraffic%25252F%25253FsystemName%25253DAdspend%252526id%25253D6040e3781504a073555fa692%252526red%25253Dhttps%2525253A%2525252F%2525252Fmc.yandex.ru%2525252Fwatch%2525252F65195605 HTTP 307
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=6040e3781504a073555fa692&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D6040e3781504a073555fa692%26nc%3D8184080794480782815%26url%3Dhttps%253A%252F%252Ffront.redllama.ru%252Fapi%252FPixel%252FTraffic%252F%253FsystemName%253DAdspend%2526id%253D6040e3781504a073555fa692%2526red%253Dhttps%25253A%25252F%25252Fmc.yandex.ru%25252Fwatch%25252F65195605 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=6040e3781504a073555fa692&nc=8184080794480782815&url=https%3A%2F%2Ffront.redllama.ru%2Fapi%2FPixel%2FTraffic%2F%3FsystemName%3DAdspend%26id%3D6040e3781504a073555fa692%26red%3Dhttps%253A%252F%252Fmc.yandex.ru%252Fwatch%252F65195605 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=6040e3781504a073555fa692&nc=8184080794480782815&url=https%3A%2F%2Ffront.redllama.ru%2Fapi%2FPixel%2FTraffic%2F%3FsystemName%3DAdspend%26id%3D6040e3781504a073555fa692%26red%3Dhttps%253A%252F%252Fmc.yandex.ru%252Fwatch%252F65195605&cc=1 HTTP 302
  • https://front.redllama.ru/api/Pixel/Traffic/?systemName=Adspend&id=6040e3781504a073555fa692&red=https%3A%2F%2Fmc.yandex.ru%2Fwatch%2F65195605 HTTP 302
  • https://mc.yandex.ru/watch/65195605?rdmsId=2526858068053697280
Request Chain 196
  • https://mc.yandex.ru/watch/65331736 HTTP 302
  • https://mc.yandex.ru/watch/65331736/1
Request Chain 214
  • https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg== HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==&cs=1
Request Chain 215
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=XV9kdWBA43ddpjc0BR_YAg== HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2FSape-dsp%2F$%7BUSER_ID%7D&dp=144&tc=1&euid=XV9kdWBA43ddpjc0BR_YAg%3D%3D HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Ffcgi4.gnezdo.ru%252Fcookie_matching_ssp%252FSape-dsp%252F$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F79E340601500AA5302059303&r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2FSape-dsp%2F$%7BUSER_ID%7D HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78E340605004F924025E335E
Request Chain 217
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=XV9kdWBA43ddpjc0BR_YAg== HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=XV9kdWBA43ddpjc0BR_YAg==&tuid=-4450284218 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/Aub0M5bFBhZQU1drvNCaPbQ
Request Chain 218
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=XV9kdWBA43ddpjc0BR_YAg== HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=XV9kdWBA43ddpjc0BR_YAg%3D%3D&crf=1 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/1b4ed333-7a8e-523f-a462-45a5c422a6dd
Request Chain 219
  • https://s.uuidksinc.net/match/455/XV9kdWBA43ddpjc0BR_YAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-est/BdbgOg5huBOO49bLb9uf
Request Chain 220
  • https://s.uuidksinc.net/match/388/XV9kdWBA43ddpjc0BR_YAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/GxgEzlAt7USk2Pzcqp20
Request Chain 265
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=52ff0dba-a782-400f-abe8-df93e6b2b32f HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 266
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=52ff0dba-a782-400f-abe8-df93e6b2b32f HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 268
  • https://recreativ.ru/mtch/31/52ff0dba-a782-400f-abe8-df93e6b2b32f HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=60320519184
Request Chain 270
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 271
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=A7282016-03BE-4B43-9ECF-81872F01C61C&id=52ff0dba-a782-400f-abe8-df93e6b2b32f HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=1c6627c8475e45e6becc7c81d750a0a9
Request Chain 376
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=52ff0dba-a782-400f-abe8-df93e6b2b32f HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 377
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=52ff0dba-a782-400f-abe8-df93e6b2b32f HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 378
  • https://recreativ.ru/mtch/31/52ff0dba-a782-400f-abe8-df93e6b2b32f HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=60320519184
Request Chain 381
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=A7282016-03BE-4B43-9ECF-81872F01C61C&id=52ff0dba-a782-400f-abe8-df93e6b2b32f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MWM2NjI3Yzg0NzVlNDVlNmJlY2M3YzgxZDc1MGEwYTk&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEDCiRF5AaHi1QCJv6t3Uu2M&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=83397a06be544fdba09796f6f3a1a586
Request Chain 394
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=XV9kdWBA43ddpjc0BR_YAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78E340605004F924025E335E
Request Chain 395
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=XV9kdWBA43ddpjc0BR_YAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/1b4ed333-7a8e-523f-a462-45a5c422a6dd
Request Chain 432
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUL6aWQo3mI3d9drzbCJEs5nWTrpeTHGtOP6igEr0RQ7_FpJAS-O6HZ5Uj3x_SADHqnCPeoCzyQmrcY_RKN2rLMLYVOpR3NO&google_gid=CAESEIg4--KAwjwtUJGlnOkhHHs&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUL6aWQo3mI3d9drzbCJEs5nWTrpeTHGtOP6igEr0RQ7_FpJAS-O6HZ5Uj3x_SADHqnCPeoCzyQmrcY_RKN2rLMLYVOpR3NO&google_gid=CAESEIg4--KAwjwtUJGlnOkhHHs&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU0MTM3Mjk2NjMwMDU0Mg%3D%3D&google_push=AQvitUL6aWQo3mI3d9drzbCJEs5nWTrpeTHGtOP6igEr0RQ7_FpJAS-O6HZ5Uj3x_SADHqnCPeoCzyQmrcY_RKN2rLMLYVOpR3NO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU0MTM3Mjk2NjMwMDU0Mg%3D%3D&google_push=AQvitUL6aWQo3mI3d9drzbCJEs5nWTrpeTHGtOP6igEr0RQ7_FpJAS-O6HZ5Uj3x_SADHqnCPeoCzyQmrcY_RKN2rLMLYVOpR3NO&google_tc=
Request Chain 433
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBtJec2VEtEhXtCq0eP0LCw&google_cver=1&google_push=AQvitUKDw0GnZGb0TqNUqFcV18fKh-rvR9rVC7ahNLmfFgsoS1tBjYyMvSadidh656-36kv4BSEMdbMZhTW7Q3XtIDnusoa6zj8 HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBtJec2VEtEhXtCq0eP0LCw&google_cver=1&google_push=AQvitUKDw0GnZGb0TqNUqFcV18fKh-rvR9rVC7ahNLmfFgsoS1tBjYyMvSadidh656-36kv4BSEMdbMZhTW7Q3XtIDnusoa6zj8&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKDw0GnZGb0TqNUqFcV18fKh-rvR9rVC7ahNLmfFgsoS1tBjYyMvSadidh656-36kv4BSEMdbMZhTW7Q3XtIDnusoa6zj8&google_hm=CWPN4btpz90OxN0b1fe8IA==
Request Chain 434
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMexSziXdQXUg0wwgKeVxPU&google_cver=1&google_push=AQvitULWi4N094h3D5w8OeB4y9z3AhbAZCG-R40r757Puavl4swiDNMzKC7OrqUnIS0VVetUdhaLFX1gUmyTd0w1vBQddxW_oB4 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMexSziXdQXUg0wwgKeVxPU&google_cver=1&google_push=AQvitULWi4N094h3D5w8OeB4y9z3AhbAZCG-R40r757Puavl4swiDNMzKC7OrqUnIS0VVetUdhaLFX1gUmyTd0w1vBQddxW_oB4&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xCRNoni8RGO5li4NuTbW9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULWi4N094h3D5w8OeB4y9z3AhbAZCG-R40r757Puavl4swiDNMzKC7OrqUnIS0VVetUdhaLFX1gUmyTd0w1vBQddxW_oB4
Request Chain 435
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA3xYl90GlARgrrbEBs3o8U&google_cver=1&google_push=AQvitUJK1Onvyz6PTWVvk5sPi6_ZSTGHpcHT1tMpcP7fzKoUO5GdE46tgsBC8WsuneUWr3s2eStls_yUrUptHx0gzVs8W1q9YFIs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVWDM4N0YtMVUtM09WUg==&google_push=AQvitUJK1Onvyz6PTWVvk5sPi6_ZSTGHpcHT1tMpcP7fzKoUO5GdE46tgsBC8WsuneUWr3s2eStls_yUrUptHx0gzVs8W1q9YFIs
Request Chain 436
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKubOg6dgrloYekhWGKf2Ew&google_cver=1&google_push=AQvitUI-m2XfTqjCTWv0zOH_eY_od9moMoGHWoZEUEvcf-1DNWol2aRgq122_Zw4tBzSwEFxjzXhJXyasGqubucRlHN8aFTGLLTi HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKubOg6dgrloYekhWGKf2Ew&google_cver=1&google_push=AQvitUI-m2XfTqjCTWv0zOH_eY_od9moMoGHWoZEUEvcf-1DNWol2aRgq122_Zw4tBzSwEFxjzXhJXyasGqubucRlHN8aFTGLLTi&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEDjeyBZnSrgTpuPyWMdDwAABFMAAAAB&google_push=AQvitUI-m2XfTqjCTWv0zOH_eY_od9moMoGHWoZEUEvcf-1DNWol2aRgq122_Zw4tBzSwEFxjzXhJXyasGqubucRlHN8aFTGLLTi&google_gid=CAESEKubOg6dgrloYekhWGKf2Ew&google_cver=1
Request Chain 450
  • https://hal900029.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=ef1750446a&subid=&uid=d2e9f3c4c164ef35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4194525556240525431%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D59a56040-e378-4901-8a9f-b30c76f1aa1b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D280%26slotname%3D9613474772%26adk%3D1966935994%26adf%3D2145073481%26pi%3Dt.ma~as.9613474772%26w%3D580%26lmt%3D1614865271%26psa%3D0%26format%3D580x280%26url%3Dhttps%253A%252F%252Fnewsyou.info%252Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%26wgl%3D1%26dt%3D1614865271232%26bpp%3D1%26bdt%3D541%26idt%3D479%26shv%3Dr20210302%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x200%26nras%3D1%26correlator%3D2911950995705%26frm%3D20%26pv%3D1%26ga_vid%3D629737997.1614865271%26ga_sid%3D1614865272%26ga_hid%3D1357063670%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D192%26ady%3D371%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736376%252C21066429%26oid%3D3%26pvsid%3D4296289433420388%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CopeE%257C%26abl%3DCS%26pfx%3D0%26cms%3D2%26fu%3D8192%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DOR6dYg6VG9%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D484&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fnewsyou.info&random=4150952158406&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900029.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=ef1750446a&subid=&uid=d2e9f3c4c164ef35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4194525556240525431%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D59a56040-e378-4901-8a9f-b30c76f1aa1b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D280%26slotname%3D9613474772%26adk%3D1966935994%26adf%3D2145073481%26pi%3Dt.ma~as.9613474772%26w%3D580%26lmt%3D1614865271%26psa%3D0%26format%3D580x280%26url%3Dhttps%253A%252F%252Fnewsyou.info%252Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%26wgl%3D1%26dt%3D1614865271232%26bpp%3D1%26bdt%3D541%26idt%3D479%26shv%3Dr20210302%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x200%26nras%3D1%26correlator%3D2911950995705%26frm%3D20%26pv%3D1%26ga_vid%3D629737997.1614865271%26ga_sid%3D1614865272%26ga_hid%3D1357063670%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D192%26ady%3D371%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736376%252C21066429%26oid%3D3%26pvsid%3D4296289433420388%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CopeE%257C%26abl%3DCS%26pfx%3D0%26cms%3D2%26fu%3D8192%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DOR6dYg6VG9%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D484&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fnewsyou.info&random=4150952158406&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 491
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEzJBQWfDZ8cv1jYXDbfQeI&google_cver=1&google_push=AQvitULrZcpY5UfxuGWRSv4Fnux89kQMilWExQruSz6Slofk-K7XEA67yVW4myNoz-FYEX-VMZNext6k4C65N9fa1mehYCMy2wBE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VFekpCUVdmRFo4Y3YxallYRGJmUWVJ
Request Chain 492
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJlGHImkIF5Nsy-tWzaBKzY02eihV4syEAz7i22ovL0rPPJxn3Ke4-gqiIE1HfiMsJ0CAP1D0nQpOCjDUk6GhSQK8IC328R&google_gid=CAESEE70E4URsWpG0Vz1l976tRQ&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPvGg4IGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVKbEdISW1rSUY1TnN5LXRXemFCS3pZMDJlaWhWNHN5RUF6N2kyMm92TDByUFBKeG4zS2U0LWdxaUlFMUhmaU1zSjBDQVAxRDBuUXBPQ2pEVWs2R2hTUUs4SUMzMjhS HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQTAtVmVmOWRiLTZqRGMwX01PWm14ckpUYmZXQktPSjdBVzZHakY3YWNIcw==&google_push
Request Chain 493
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJAle4Ppq2ijouwHY5SJfGhHszFgzfX7RQMQbWGz6yYxKRFOujKhAJgl5f2e944lNjdRj-JsKoYJNYH2t-f9zWf3OEZrC8&google_gid=CAESECcr2tzPe4gm6U2AFDkMVok&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU1OTYyNTM3NjMyMDkwNw%3D%3D&google_push=AQvitUJAle4Ppq2ijouwHY5SJfGhHszFgzfX7RQMQbWGz6yYxKRFOujKhAJgl5f2e944lNjdRj-JsKoYJNYH2t-f9zWf3OEZrC8
Request Chain 495
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFk7jjD1Oust4nqZ1GxD1Kk&google_cver=1&google_push=AQvitUK7CMVee_SnJSxAvdeUiKJp6S5JQk8IY-sA-wLvvrN6GBaOjUm2xEb1QWY3b7SR16muB8_L52vQT1uU14GD5Rgx7AIJ-TfS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK7CMVee_SnJSxAvdeUiKJp6S5JQk8IY-sA-wLvvrN6GBaOjUm2xEb1QWY3b7SR16muB8_L52vQT1uU14GD5Rgx7AIJ-TfS&google_hm=CWPN4btpz90OxN0b1fe8IA==
Request Chain 496
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECbjZcbibmCQMBbenzF7J0Y&google_cver=1&google_push=AQvitUKiUhZPB7m-JAvvAvqCyZu_vXkXDIZVRwXQ8jkHtMvy7Bwi-yPrhfMSJ6I5TwN1EpFUWQdgVthN6c24Wwx4ubEBoGUde0rW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVWDM4VEktMS1JUUNX&google_push=AQvitUKiUhZPB7m-JAvvAvqCyZu_vXkXDIZVRwXQ8jkHtMvy7Bwi-yPrhfMSJ6I5TwN1EpFUWQdgVthN6c24Wwx4ubEBoGUde0rW
Request Chain 497
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEG1ryDMJgHPWXEc5GbElLU&google_cver=1&google_push=AQvitUK7ywTJ1nTHUyFvdvYGt7RMdbatNrQjLHMIPAdWsd0WeVAde4zmo6bWmliZIjWPE_95swU5vIUQd0iqu6E0mrJzTkq7iFLp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEDjeyBZnSrgTpuPyWMdDwAABFMAAAAB&google_push=AQvitUK7ywTJ1nTHUyFvdvYGt7RMdbatNrQjLHMIPAdWsd0WeVAde4zmo6bWmliZIjWPE_95swU5vIUQd0iqu6E0mrJzTkq7iFLp&google_cver=1&google_gid=CAESEEG1ryDMJgHPWXEc5GbElLU
Request Chain 557
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Request Chain 563
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b1b86040-e37e-4000-9b7f-849ded250fa0
Request Chain 564
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=pKXUHPem10m_9tNN8KDNGvDw1km_8YEdo_OXUWTA
Request Chain 565
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216364356457010396
Request Chain 567
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE0ZjlhMzYtNjg5Zi02YmZjLTYyNjUtZmQ5NGUxZjc5NTA3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE0ZjlhMzYtNjg5Zi02YmZjLTYyNjUtZmQ5NGUxZjc5NTA3&google_tc=
Request Chain 568
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN8uOmfWvNKVx5zYutztFm0&google_cver=1
Request Chain 570
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 572
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6948537625980446964
Request Chain 573
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNkwwN0FnY2NBQUEtNXJscUtoZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE6L07AgccAAA-5rlqKhg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8213807083228411280 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE6L07AgccAAA-5rlqKhg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D8213807083228411280%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=8213807083228411280&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAE6L07AgccAAA-5rlqKhg&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE6L07AgccAAA-5rlqKhg
Request Chain 574
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935793556483864722
Request Chain 575
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rlh2o3d2ezcMAbeqkDqbWak1
Request Chain 576
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 578
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 579
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=r3J1dIL8TJ4c&pid=557219
Request Chain 580
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 581
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OWqa8W8g1LhOeb5&gdpr=0&gdpr_consent=
Request Chain 582
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 583
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=crUiTJ1GS-eaNz9c0SweLQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 585
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 586
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&addseg=17
Request Chain 587
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzJCNTIyNEMtOUQ0Ni00QkU3LTlBMzctM0Y1Q0QxMkMxRTJE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 588
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN3rlNqHa-5tulouuaVjKxs&google_cver=1
Request Chain 590
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5340075711674575271
Request Chain 591
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b1b86040-e37e-4000-9b7f-849ded250fa0&gdpr=0&gdpr_consent=
Request Chain 592
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5091babd-22b7-4e6a-8fe6-f9fdce64388d
Request Chain 593
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=950601676653127639&gdpr=0&gdpr_consent=
Request Chain 594
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-K4tIQ7t1l2JfuA201oY27YZsG2MpRqk-&gdpr=0&gdpr_consent=
Request Chain 596
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 597
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=C7Bkmx5WQYZQOBnIwYTI9rnUq0M&user_group=1&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=C7Bkmx5WQYZQOBnIwYTI9rnUq0M&user_group=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=461b3516-1363-4479-8618-90b32bdd6658&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 598
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w
Request Chain 599
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YEDjhgAAAK6vH1LS HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEDjhgAAAK6vH1LS&gdpr=0&gdpr_consent=&_test=YEDjhgAAAK6vH1LS
Request Chain 600
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 602
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fb880d4a-8beb-4915-a3d0-4a1110a690e1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 603
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7261955433230282486
Request Chain 604
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_aee1e982-0638-4174-8862-13438619d477
Request Chain 614
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 615
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=MnbDwAhujHaR8eua-Axh3Q==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 617
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=OWqa8W8g1LhOeb5
Request Chain 618
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=3da06132-baad-48fa-bde4-34c1db14790a HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=3da06132-baad-48fa-bde4-34c1db14790a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2f0c2bc8-e627-4247-b5f5-3251396859ef&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=3da06132-baad-48fa-bde4-34c1db14790a
Request Chain 619
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE6L07AgccAAA-5rlqKhg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAE6L07AgccAAA-5rlqKhg
Request Chain 621
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
Request Chain 624
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Request Chain 625
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=ODIxMzgwNzA4MzIyODQxMTI4MA== HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAf77HwYTfgYQeZMlQ3zeqs&google_cver=1
Request Chain 626
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=5091babd-22b7-4e6a-8fe6-f9fdce64388d&gdpr=1&gdpr_consent=
Request Chain 627
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5340075711674575271&gdpr=0&gdpr_consent=
Request Chain 628
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=b1b86040-e37e-4000-9b7f-849ded250fa0&gdpr=0&gdpr_consent=
Request Chain 629
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8d4a08cb-b380-4712-9e3a-d71a01955cdd&ssp=smartadserver HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=1&user_id=8d4a08cb-b380-4712-9e3a-d71a01955cdd&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=8adb0862-3c65-4121-9ea1-27efdb9e40dc&gdpr=&gdpr_consent=
Request Chain 630
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=05f322030067dc7e5e9ea3fc&gdpr=0&gdprConsent=
Request Chain 631
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=64&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D68%26partneruserid%3D%7BuserId%7D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=68&partneruserid=no-consent&gdpr=1&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 632
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=950601676653127639&gdpr=0&gdpr_consent=
Request Chain 633
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=6935793556483864722&gdpr=0&gdpr_consent=
Request Chain 634
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh
Request Chain 635
  • https://trc.taboola.com/sg/smartadserver-ssp-network/1/rtb-h?taboola_hm={USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://match.taboola.com/sg/smartadserver-ssp-network/1/rtb-h?taboola_hm={USER_ID}&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&isDirect=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
Request Chain 637
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fAgdYiCOV2xC&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 638
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f40925f3-8bf1-42b1-ade6-7be56e6ad804&gdpr=0&gdpr_consent=
Request Chain 640
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YEDjhgAAAJKe1CrK
Request Chain 641
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEANRnKF3IfwBO2oUjvzmfu4&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEANRnKF3IfwBO2oUjvzmfu4&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=950601676653127639&opid=apx&ops=&utidl=tech:goo:CAESEANRnKF3IfwBO2oUjvzmfu4&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A11529517379&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F106%2F7%2F3.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/106/7/3.gif?puid=05f3220300cb0c0aebe937af&gdpr=1&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAE6L07AgccAAA-5rlqKhg HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F5%2F5.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/163/5/5.gif?puid=OWqa8W8g1LhOeb5&gdpr=1&gdpr_consent=
Request Chain 642
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Request Chain 643
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=&gdpr=0
Request Chain 644
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=761ad86f49d72ea08ec134b92c5537c5
Request Chain 645
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f3f49c8-a712-4092-99be-42f104cc5239&gdpr_consent=null&gdpr=0
Request Chain 655
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=950601676653127639
Request Chain 657
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Request Chain 659
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YEDjhgAAAHGf-CrK HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEDjhgAAAHGf-CrK&_test=YEDjhgAAAHGf-CrK HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEDjhgAAAHGf-CrK&_test=YEDjhgAAAHGf-CrK
Request Chain 660
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=Rlh2o3d2ezcMAbeqkDqbWak1&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DRlh2o3d2ezcMAbeqkDqbWak1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DRlh2o3d2ezcMAbeqkDqbWak1 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DRlh2o3d2ezcMAbeqkDqbWak1 HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b20981c76870438a6b1aceb8fe6ecd7e&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DRlh2o3d2ezcMAbeqkDqbWak1 HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DRlh2o3d2ezcMAbeqkDqbWak1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Rlh2o3d2ezcMAbeqkDqbWak1
Request Chain 667
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b5f63581-bd42-8ea2-b78b-25ba43269087 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b5f63581-bd42-8ea2-b78b-25ba43269087&dcc=t
Request Chain 668
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=4f82c45d-7cef-11eb-8830-270c3ff837ee
Request Chain 670
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=5819A7E1708643309C45C250B27B6D04
Request Chain 672
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB&dcc=t
Request Chain 674
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEDjf0x7ltHRTmXkMP0z0wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMY55UwGHrGT4r3FTn1rgoA&google_cver=1
Request Chain 675
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELR_YTnZZyqYrt4cDuIP1EM&google_cver=1
Request Chain 676
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OWqa8W8g1LhOeb5&gdpr=1
Request Chain 677
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0&C=1
Request Chain 678
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ae11ce7a-97b3-4e18-8323-d357495f6610
Request Chain 679
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9ca02db7-7db5-491b-9fd4-05347ac08532
Request Chain 681
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=5091babd-22b7-4e6a-8fe6-f9fdce64388d&gdpr=1&gdpr_consent=
Request Chain 682
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5340075711674575271&gdpr=0&gdpr_consent=
Request Chain 683
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=b96737f2-4eaf-4e10-a12d-0679be3f8075&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=3da06132-baad-48fa-bde4-34c1db14790a&gdpr=&gdpr_consent=
Request Chain 684
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=05f3220300cb0c0aebe937af&gdpr=0&gdprConsent=
Request Chain 685
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=64&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D68%26partneruserid%3D%7BuserId%7D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=68&partneruserid=no-consent&gdpr=1&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 686
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=950601676653127639&gdpr=0&gdpr_consent=
Request Chain 687
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
Request Chain 692
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh
Request Chain 693
  • https://trc.taboola.com/sg/smartadserver-ssp-network/1/rtb-h?taboola_hm={USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://match.taboola.com/sg/smartadserver-ssp-network/1/rtb-h?taboola_hm={USER_ID}&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&isDirect=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
Request Chain 695
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=3oJERq7jnUgl&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 696
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f40925f3-8bf1-42b1-ade6-7be56e6ad804&gdpr=0&gdpr_consent=
Request Chain 698
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YEDjhgAAAI-PplZV
Request Chain 699
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEANRnKF3IfwBO2oUjvzmfu4&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEANRnKF3IfwBO2oUjvzmfu4&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=950601676653127639&opid=apx&ops=&utidl=tech:goo:CAESEANRnKF3IfwBO2oUjvzmfu4&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A11529271462&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/112/7/3.gif?puid=E15D486F422C5AAA&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F106%2F6%2F4.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/106/6/4.gif?puid=05f3220300cb0c0aebe937af&gdpr=1&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAE6L07AgccAAA-5rlqKhg
Request Chain 700
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Request Chain 701
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=&gdpr=0
Request Chain 702
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=2c4018bcf9091bdc25f9044a2065fd27
Request Chain 703
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f8c78646-6bae-4c82-8f66-80b332b7f1e2&gdpr_consent=null&gdpr=0
Request Chain 707
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=684&partner_device_id=7986630435418036215&partner_url=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzI3MDg5NDgx%2Fmpuid%2F%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=684&partner_device_id=7986630435418036215&partner_url=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzI3MDg5NDgx%2Fmpuid%2F%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/4e2e7eb2-7cef-11eb-b5ec-fa0d99bcfabb
Request Chain 710
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=7986630435418036215 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=f40925f3-8bf1-42b1-ade6-7be56e6ad804&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701&gdpr=1&gdpr_consent= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=f40925f3-8bf1-42b1-ade6-7be56e6ad804&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701&gdpr=1&gdpr_consent=&cs_ak_ss=1 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1701 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/f40925f3-8bf1-42b1-ade6-7be56e6ad804/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=f40925f3-8bf1-42b1-ade6-7be56e6ad804&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx&gdpr=1&gdpr_consent=
Request Chain 713
  • https://secure.adnxs.com/getuid?https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=$UID HTTP 302
  • https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=950601676653127639
Request Chain 717
  • https://pixel.advertising.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.advertising.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&apid=UP4f8cd660-7cef-11eb-8040-0600b0610222
Request Chain 718
  • https://ce.lijit.com/merge?pid=1&3pid=7986630435418036215 HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=7986630435418036215&dnr=1
Request Chain 721
  • https://sync.search.spotxchange.com/partner?adv_id=6481&img=1&uid=7986630435418036215 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6481&img=1&uid=7986630435418036215&__user_check__=1&sync_id=4da0096f-7cef-11eb-830f-1a3cf9d12506
Request Chain 722
  • https://sync.alphonso.tv/sync?srcid=500&puid=7986630435418036215 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0qh8sjy&ttd_tpi=1 HTTP 302
  • https://sync.alphonso.tv/sync?srcid=600&img=1&puid=5091babd-22b7-4e6a-8fe6-f9fdce64388d
Request Chain 723
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=7986630435418036215 HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=881833597&t=i&p=4889&turn_id=7986630435418036215
Request Chain 727
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=875739024737157406
Request Chain 728
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=27dfbeb6-f175-0c5d-0712-862bd47b5a53
Request Chain 730
  • https://ce.lijit.com/merge?pid=76&3pid=81ce973c-4b5c-0f55-3039-118b53a46435 HTTP 302
  • https://ce.lijit.com/merge?pid=76&3pid=81ce973c-4b5c-0f55-3039-118b53a46435&dnr=1
Request Chain 731
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=585a13c1-4765-0e02-06f7-985122509b51
Request Chain 734
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE6L07AgccAAA-5rlqKhg&expiration=1616074884
Request Chain 735
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
Request Chain 737
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1617457279
Request Chain 742
  • https://pixel.advertising.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.advertising.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&apid=UP4f8cd660-7cef-11eb-8040-0600b0610222
Request Chain 746
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk4NjYzMDQzNTQxODAzNjIxNQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEDc_h8x4SY7b1-H2Jm1ZTk4&google_cver=1
Request Chain 750
  • https://x.bidswitch.net/sync?dsp_id=302&user_id=7986630435418036215&expires=7&gdpr=0&gdpr_consent= HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=3da06132-baad-48fa-bde4-34c1db14790a HTTP 303
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=3da06132-baad-48fa-bde4-34c1db14790a&_li_chk=true&previous_uuid=e92666804eeb4ed1b6abc263252384a7 HTTP 303
  • https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=3da06132-baad-48fa-bde4-34c1db14790a
Request Chain 763
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5819A7E1708643309C45C250B27B6D04
Request Chain 764
  • https://pixel.onaudience.com/?partner=214&mapped=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=f903ddb3388508ab
Request Chain 765
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b1b86040-e37e-4000-9b7f-849ded250fa0
Request Chain 766
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4f9191ba-7cef-11eb-9063-0107aa451d02&gdpr=0&gdpr_consent=
Request Chain 770
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

762 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
newsyou.info/ 		128 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
5d8319c614db02ee0b5243a2de2c2f166cf5fdb3029fc38ca8fe43c65c9bc793

Request headers

Host
newsyou.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.2.1
Date
Thu, 04 Mar 2021 13:39:36 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
29773
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Link
<https://newsyou.info/wp-json/>; rel="https://api.w.org/", <https://newsyou.info/?p=390349>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
mainstyle8.css
newsyou.info/ 		36 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/mainstyle8.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
97ead41ba525986a800ac82fa2aba17ee1954ef84a0331c5205b95265a156cdb

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Thu, 19 Nov 2020 18:36:43 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37363
Expires
Thu, 11 Mar 2021 13:39:36 GMT
magnific-popup.css
newsyou.info/wp-content/themes/newsyou/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/css/magnific-popup.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Tue, 26 Feb 2019 17:26:10 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6951
Expires
Thu, 11 Mar 2021 13:39:36 GMT
jquery-1.11.1.min.js
newsyou.info/wp-content/themes/newsyou/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/jquery-1.11.1.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Mon, 03 Jun 2019 14:23:51 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
Expires
Thu, 11 Mar 2021 13:39:36 GMT
scripts.js
newsyou.info/wp-content/themes/newsyou/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/scripts.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Tue, 17 Nov 2020 14:43:03 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23604
Expires
Thu, 11 Mar 2021 13:39:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe3b9ec903128a4464bdabd33a33265476786fb1b7e8558908754e69c18c5dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50150
x-xss-protection
0
server
cafe
etag
12800053778782964411
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 04 Mar 2021 13:41:11 GMT
sbscrp.js
newsyou-info.psh.one/push/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou-info.psh.one/push/sbscrp.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.92.172 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.92.217.95.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
b1773a3b3b92f77c2a4f075972566139c73ebc8f547c55929182c70ed60da096

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Tue, 15 Jan 2019 18:03:30 GMT
server
nginx/1.18.0
etag
W/"5c3e2072-28ea"
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
script.js
ybej5ohp0x.ru/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ybej5ohp0x.ru/script.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b7b7bd83f2673d019cf6005b2be4bec040d665f7c08331b4af8a69b38717edc8

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:10 GMT
server
nginx/1.18.0
content-length
8199
content-type
text/javascript
vlip0m30y8qh876uqv768pkypjs.php
mhjcpn.com/gnml71219/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mhjcpn.com/gnml71219/vlip0m30y8qh876uqv768pkypjs.php
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
52928c2ab25ea721e1a0403f0b0ba93d09f51989fd9503e8a65cd13bb2fa033e

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 24 Dec 2020 11:08:26 GMT
server
nginx/1.14.2
etag
"5fe476aa-4952"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
18770
smi.js
jsn.24smi.net/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/smi.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
8adf636e0ef88f302f061352b3e48662e0020cf964628e757b1c2857ef7efbd5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 10:01:54 GMT
server
nginx
etag
W/"602b9812-c537"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5915
date
Thu, 04 Mar 2021 12:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 04 Mar 2021 14:02:36 GMT
style.min.css
newsyou.info/wp-includes/css/dist/block-library/ 		25 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/css/dist/block-library/style.min.css?ver=5.1.8
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Tue, 26 Feb 2019 17:25:12 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25242
Expires
Thu, 11 Mar 2021 13:39:36 GMT
wp-automatic.css
newsyou.info/wp-content/plugins/wp-automatic/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Sun, 14 Jun 2020 13:47:39 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2713
Expires
Thu, 11 Mar 2021 13:39:36 GMT
jquery.js
newsyou.info/wp-includes/js/jquery/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Thu, 05 Sep 2019 08:36:14 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96873
Expires
Thu, 11 Mar 2021 13:39:36 GMT
jquery-migrate.min.js
newsyou.info/wp-includes/js/jquery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Tue, 26 Feb 2019 17:25:03 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10056
Expires
Thu, 11 Mar 2021 13:39:36 GMT
main-front.js
newsyou.info/wp-content/plugins/wp-automatic/js/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/js/main-front.js?ver=5.1.8
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Sun, 14 Jun 2020 13:47:49 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1017
Expires
Thu, 11 Mar 2021 13:39:36 GMT
logo.png
newsyou.info/wp-content/themes/newsyou/img/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Sat, 02 Mar 2019 19:14:49 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24862
Expires
Thu, 11 Mar 2021 13:39:36 GMT
2598506-1.jpg
newsyou.info/wp-content/uploads/2021/03/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/2598506-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
57776c1c89c500fb6a15dfe65582e6d9fdc6ef2acd9b837f1c33ece83c101d34

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Wed, 03 Mar 2021 21:12:22 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86986
Expires
Thu, 11 Mar 2021 13:39:36 GMT
view.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/view.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Sat, 02 Mar 2019 19:32:25 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15253
Expires
Thu, 11 Mar 2021 13:39:36 GMT
2598367.jpg
newsyou.info/wp-content/uploads/2021/03/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/2598367.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
3fee3f8ee1a742df48cdb8dab03e78e33cf3c5c5fc6939bc13173f9e2bbfdc8e

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Tue, 02 Mar 2021 21:40:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
148346
Expires
Thu, 11 Mar 2021 13:39:36 GMT
2597807-1.jpg
newsyou.info/wp-content/uploads/2021/03/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/2597807-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
913ce10a35e136f92279aea9808b36eeee521602464b6cf07b7832714c6617e6

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Mon, 01 Mar 2021 20:44:59 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109440
Expires
Thu, 11 Mar 2021 13:39:36 GMT
menum.png
newsyou.info/wp-content/themes/newsyou/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/menum.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Wed, 29 May 2019 09:21:57 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3725
Expires
Thu, 11 Mar 2021 13:39:36 GMT
sbtn.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/sbtn.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Sat, 02 Mar 2019 19:38:51 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15582
Expires
Thu, 11 Mar 2021 13:39:36 GMT
newsyou.info.687498.js
jsc.mgid.com/n/e/ 		564 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.687498.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dac0aec64185ca32551fe7ec9057573cc23cb9092bc6ec4019d05864ab26f96

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
age
3073
cf-polished
origSize=577541
last-modified
Tue, 02 Mar 2021 12:12:52 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3B9932B77D0B5DFE
x-amz-id-2
m1nDQqZa54upYBB5eMsl4RjI5x2Yz4iuYBac2no5LEIuKucPsF8W8YRAB33mI1AuE3MjU7Gg7i4=
cf-bgj
minify
server
cloudflare
etag
W/"808374441efe90165e45218797f93866"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
089f11a1a100000c850a3e5000000001
cf-ray
62ab854908120c85-AMS
expires
Thu, 04 Mar 2021 16:41:11 GMT
%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5...
newsyou.info/wp-content/uploads/2021/03/ 		429 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f4cb1588a09fdb2c9c7fbb6cc26415d689f330ebbcbbae3c241ee91ac20348a2

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:47 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
439166
Expires
Thu, 11 Mar 2021 13:39:36 GMT
1614863627_926_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		458 KB
458 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863627_926_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1f92ba4d2e6289c3462e3e35aac6b0e47bb927a2218f37bc77c98f621ae952e4

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:47 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
469013
Expires
Thu, 11 Mar 2021 13:39:36 GMT
1614863627_885_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		443 KB
443 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863627_885_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9f6ecac171a8dcacd78a493a975b95a384a46b8211ffa753f7de2bb0ef64f6cf

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:47 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
453292
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_969_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		399 KB
400 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_969_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
20f20f4971adfb7fe7d513a9bbcd657393af9615c4609312e3274975329af4aa

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
409037
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_178_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		415 KB
415 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_178_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
87d6a2a0d1cbf74eeda2042f80af8744101832c50e4dee734cf6324adc971dde

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
424883
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_387_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		503 KB
503 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_387_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
b04ac68fd2339840f4dd5490673597775fa52f3ab7b2a81a4f780cacf253b30c

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
515072
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_203_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		373 KB
374 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_203_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4e49e4c76f093f33aed1008c4fd28c34cb0b407d30bf81f043dcdd7a503b184e

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
382458
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_362_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		341 KB
342 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_362_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4cfc3011013d4a14b4498f4c14541f831ff23a65fbeab46cb0b203d9153286f8

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
349568
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_90_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%...
newsyou.info/wp-content/uploads/2021/03/ 		356 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_90_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
06ab2d17163e3a098b6a244e87a1bf5e2e1feafaf93f832f82c68f390b47b955

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
364460
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_725_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		322 KB
322 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_725_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
37c6390eeec44d84bfb59ee53886e34b454fcf25ed18d56235f5150180b8b95e

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
329853
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_320_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		228 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_320_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
fe89d0326efdca12bdf55bc4a69526766ea525d443d3733d9eb37a39e80ca6da

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
233407
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863628_858_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		400 KB
400 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863628_858_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d513ab5ef10d27386b6005d572b4aa2588a6305138c90931b3784d60e414b7e1

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
409627
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863629_959_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		363 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863629_959_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f70b32586066cb18d63afaa7e162464f21a2cfa197f414a16cad9aecf58823a3

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:49 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
371824
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863629_578_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		353 KB
353 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863629_578_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
5aaa3ccb4f142b0781bd3d38ae89237df7d8371849e187a8a8ad21a665310f44

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:49 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
360970
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863629_934_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		456 KB
456 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863629_934_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
18529fb6200ff64b2aaa0fb0665f1a42a6521b13c3f26ea57ce54beb83d9a1bb

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:49 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
466692
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863629_407_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		576 KB
576 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863629_407_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
dd50e8e0c0285c83f01efb99f2b245f5e654e710eb31606e22c3283896a196b1

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:49 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
589349
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863629_432_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		515 KB
515 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863629_432_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f2e6b883d964ae24ddac94788742ddb314d5510d00f61c8ac1752554fa111e45

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:49 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
527125
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863629_220_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		452 KB
452 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863629_220_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
26ef1899dd7f70f7919717168bbe9a0bb2d1bd1314e33cf5c7498c937be7937b

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:49 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
462844
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863629_310_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		478 KB
479 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863629_310_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d987bf3ba07af41807bfd69b172778491bccf5ee73a06fceb57704ebfe2bc289

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:49 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
489777
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_584_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		397 KB
397 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_584_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
69852b183588d73f358f456239e55a061334a16c2c501f067b2a8b23c6af8442

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
406157
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_647_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		475 KB
475 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_647_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4e6f416ca04d68570f7c80724b93019116bc56ed41a8369bb9688acb749c43f0

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
486249
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_186_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		408 KB
408 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_186_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f2d18686d2370cf49a73d1956911a68ed5b6dd7877a0f3777cbeb2ebee37a7d0

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
417602
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_264_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		304 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_264_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a40bdcc5a5de97c8b6f811db288da85fe47f71b8e97c9504bba299b914560621

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
311011
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_870_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		499 KB
499 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_870_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
862eade5609e764132fe19839ac2860fdbc208a24644aba3fd870a4f5fc24183

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
510568
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_628_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		473 KB
473 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_628_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
e88246a5e6e311fef6ba7f844ca8c7cfa97ae7fa419cdc2b353dcdc84068d4ee

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
484202
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_772_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_772_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
5bc0c5742d193cd85613c9658da28cf257205d3bc1663d0ee0f982e3b0ec7e47

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
263823
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_161_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		681 KB
681 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_161_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
25df1e1ca534896bf6326ec4344a16e8902fdbc7d6265d106518f96308fe62e4

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
697369
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863630_219_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		380 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863630_219_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ca2f6fe9ecfbc6d84adde59a9526183eca0d431d04ad180fa30b7e13c9f07dd2

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:50 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
389204
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863631_161_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		491 KB
491 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863631_161_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d994eb348a3c94fea13450dfda0e284ed651791d55b21175c8f90961475a7a26

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:51 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
502447
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614863631_687_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0...
newsyou.info/wp-content/uploads/2021/03/ 		271 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614863631_687_%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84-%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82-%D0%BF%D0%BE-%D0%BC%D0%B8%D1%80%D1%83-%D0%B8-%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9-%D1%81-%D0%B8%D1%85.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
20d51ca8a95a98eec59e048c3b15890839789c1c4d6653ddef883709e9fc8e8a

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:13:51 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
277883
Expires
Thu, 11 Mar 2021 13:39:37 GMT
loader.js
news.2xclick.ru/ 		85 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
ec5f165087df17f3e42b3dd772feaa4cb90a47a130f0e6000a29aad4aadfb666

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 11:25:45 GMT
Server
nginx/1.10.3
ETag
"603f7239-428c"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
17036
Expires
Fri, 05 Mar 2021 13:41:11 GMT
newsyou.info.896370.js
jsc.mgid.com/n/e/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.896370.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2fd3e8f2be4c50d80ddc86ed18a60bb8b961af80e8a0f5f357c48b3f523a45a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
age
3073
cf-polished
origSize=270250
last-modified
Tue, 02 Mar 2021 12:38:16 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MWF2XEPCWWFHC23J
x-amz-id-2
XdXC+IxdIWgwz+/luMHRoQB8JYH0LUz4P2/98/JC2WK6sdperm9LLH5zrHShW7TkWdepieuGQfs=
cf-bgj
minify
server
cloudflare
etag
W/"d30b572226b1baa1cece1d08ea800b2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
089f11a1a200000c8537855000000001
cf-ray
62ab854908150c85-AMS
expires
Thu, 04 Mar 2021 16:41:11 GMT
%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BF%D1%8F%D1%82%D0%BD%D0%B8%D1%86%D1%83-13-%D0%BD%D0%BE%D1%8F%D0%B1%D1%80%D1%8F-2020.jpg
newsyou.info/wp-content/uploads/2020/11/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2020/11/%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BF%D1%8F%D1%82%D0%BD%D0%B8%D1%86%D1%83-13-%D0%BD%D0%BE%D1%8F%D0%B1%D1%80%D1%8F-2020.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0eb3a4d9d2b77053b7e62f3a77ac9f22a883631d12be9dff16a8e37307c17c4c

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 12 Nov 2020 10:49:37 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31839
Expires
Thu, 11 Mar 2021 13:39:37 GMT
straahh.jpg
newsyou.info/wp-content/uploads/2020/11/ 		480 KB
480 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2020/11/straahh.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
17164a07b606e231f1b4784c15722cecef83d6b6397e8a8937383048c8d921d7

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Tue, 17 Nov 2020 08:20:41 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
491587
Expires
Thu, 11 Mar 2021 13:39:37 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7878
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
fe4120db213ce0688f6d36fc06d193697cb6682410f9b2d48f0ce7b02d848b78
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
rcode.4d45b12173.js
recreativ.ru/ 		933 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recreativ.ru/rcode.4d45b12173.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e04f5ee1ae116af3a9a4ead0878281a693857ddcefe68b6d0ef3483ec29526f2

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
text/javascript;charset=utf-8
expires
Thu, 04 Mar 2021 15:41:11 +0200
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7880
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
760ab9fb4e8499921ab275830d6d5b3c39380e94e7f8fdbdf77951d5eb43c099
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
%D0%93%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BF%D0%BE-%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B5-%D0%BD%D0%B0-%D0%BC%D0%B0%D1%80%D1%82-2021-%D0%B3%D0%BE%D0%B4%D0%B0.jpg
newsyou.info/wp-content/uploads/2021/03/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%93%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5-%D0%BF%D0%BE-%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B5-%D0%BD%D0%B0-%D0%BC%D0%B0%D1%80%D1%82-2021-%D0%B3%D0%BE%D0%B4%D0%B0.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c7a4e4fd1579ef5c984bc04b6ccd29b14b44af46e55c42455c907be565ee7f18

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 04:24:40 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109696
Expires
Thu, 11 Mar 2021 13:39:37 GMT
znaki-1024x821-1.jpg
newsyou.info/wp-content/uploads/2020/11/ 		255 KB
255 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2020/11/znaki-1024x821-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ffdb9a030a364449c2722f23f188dbad675de602529cef38f1529d51e82ba7ab

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Sat, 07 Nov 2020 22:16:38 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
260652
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BF%D1%82-%D0%BA%D0%BE%D1%81%D0%BC%D0%BE-%D0%BE%D1%82%D0%B5%D0%BB%D1%8F-Voyager-Station-%D0%BD%D0%B0-%D0%BD%D0%B8%D0%B7%D0%BA%D0%BE%D0%B9-%D0%BE%D0%BA%D0%BE%D0%BB%D...
newsyou.info/wp-content/uploads/2021/03/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BF%D1%82-%D0%BA%D0%BE%D1%81%D0%BC%D0%BE-%D0%BE%D1%82%D0%B5%D0%BB%D1%8F-Voyager-Station-%D0%BD%D0%B0-%D0%BD%D0%B8%D0%B7%D0%BA%D0%BE%D0%B9-%D0%BE%D0%BA%D0%BE%D0%BB%D0%BE%D0%B7%D0%B5%D0%BC%D0%BD%D0%BE%D0%B9-%D0%BE%D1%80%D0%B1%D0%B8%D1%82%D0%B5-%D0%A4%D0%9E%D0%A2%D0%9E.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
e2e0cb955651279a938ee17fc6a5a8fc63e065d131e93af1583bf114f6adaa23

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 11:11:47 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45824
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%9A%D1%80%D0%B0%D1%81%D0%B8%D0%B2%D1%8B%D0%B5-%D0%B4%D0%B5%D0%B2%D1%83%D1%88%D0%BA%D0%B8-%D0%BD%D0%B0-%D0%B3%D1%80%D1%83%D0%BF%D0%BF%D0%BE%D0%B2%D1%8B%D1%85-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B0%...
newsyou.info/wp-content/uploads/2021/03/ 		260 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%9A%D1%80%D0%B0%D1%81%D0%B8%D0%B2%D1%8B%D0%B5-%D0%B4%D0%B5%D0%B2%D1%83%D1%88%D0%BA%D0%B8-%D0%BD%D0%B0-%D0%B3%D1%80%D1%83%D0%BF%D0%BF%D0%BE%D0%B2%D1%8B%D1%85-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B0%D1%85-%D0%A4%D0%9E%D0%A2%D0%9E.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a1bad1b99210bcbcf6d754b3e64a023a36a26a317e370d2a8474d0bdf6e11296

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 10:10:46 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
266052
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%94%D0%B5%D1%80%D0%B5%D0%B2%D1%8F%D0%BD%D0%BD%D1%8B%D0%B5-%D0%B4%D0%BE%D0%BC%D0%B8%D0%BA%D0%B8-%D1%83-%D0%BE%D0%BA%D0%B5%D0%B0%D0%BD%D0%B0-%D0%B2-%D0%A7%D0%B8%D0%BB%D0%B8-%D0%A4%D0%9E%D0%A2%D0%9...
newsyou.info/wp-content/uploads/2021/03/ 		348 KB
349 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%94%D0%B5%D1%80%D0%B5%D0%B2%D1%8F%D0%BD%D0%BD%D1%8B%D0%B5-%D0%B4%D0%BE%D0%BC%D0%B8%D0%BA%D0%B8-%D1%83-%D0%BE%D0%BA%D0%B5%D0%B0%D0%BD%D0%B0-%D0%B2-%D0%A7%D0%B8%D0%BB%D0%B8-%D0%A4%D0%9E%D0%A2%D0%9E.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f0ab3010956dcee3eb0c79f481631611951189be27f159e9a5e82c912bcc10a8

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 09:09:45 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
356625
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83-%D0%BD%D0%B0-%D0%BC%D0%BE%D1%80%D0%BE%D0%B7%D0%B5-%D0%BB%D0%B8%D1%86%D0%BE-%D0%BD%D0%B5-%D0%BC%D0%B5%D1%80%D0%B7%D0%BD%D0%B5%D1%82-%D0%BA%D0%B0%D0%BA-%D0%B4%D1%...
newsyou.info/wp-content/uploads/2021/03/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83-%D0%BD%D0%B0-%D0%BC%D0%BE%D1%80%D0%BE%D0%B7%D0%B5-%D0%BB%D0%B8%D1%86%D0%BE-%D0%BD%D0%B5-%D0%BC%D0%B5%D1%80%D0%B7%D0%BD%D0%B5%D1%82-%D0%BA%D0%B0%D0%BA-%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D0%B5-%D1%87%D0%B0%D1%81%D1%82%D0%B8-%D1%82%D0%B5%D0%BB%D0%B0.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
e707d96cab4afa8bac669b03aa7d9edf876631c503fabe3da15e93dc840ac877

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 08:08:42 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76153
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%93%D0%BE%D0%BB%D0%BB%D0%B8%D0%B2%D1%83%D0%B4%D1%81%D0%BA%D0%B8%D0%B5-%D0%B7%D0%BD%D0%B0%D0%BC%D0%B5%D0%BD%D0%B8%D1%82%D0%BE%D1%81%D1%82%D0%B8-%D0%BD%D0%B0-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B0%D...
newsyou.info/wp-content/uploads/2021/03/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%93%D0%BE%D0%BB%D0%BB%D0%B8%D0%B2%D1%83%D0%B4%D1%81%D0%BA%D0%B8%D0%B5-%D0%B7%D0%BD%D0%B0%D0%BC%D0%B5%D0%BD%D0%B8%D1%82%D0%BE%D1%81%D1%82%D0%B8-%D0%BD%D0%B0-%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B0%D1%85-%D0%B2-%D0%BD%D0%B0%D1%87%D0%B0%D0%BB%D0%B5-%D0%BA%D0%B0%D1%80%D1%8C%D0%B5%D1%80%D1%8B-%D0%B8-%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81-%D0%A4%D0%9E%D0%A2%D0%9E.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f9c28eb4eda82acc5f9a65527fb6ba5a6192644e471411cd69da7d9e9585773e

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 07:07:40 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59860
Expires
Thu, 11 Mar 2021 13:39:37 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7884
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
383e4d162d6a14db1d72e7d7c5dc1d3d4134641927e56eab33afd96e03008099
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
2598797.jpeg
newsyou.info/wp-content/uploads/2021/03/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/2598797.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
6250339322f609be8ece4fe15c087e4b204b24123f1fa52cc86c4db6e92db692

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Wed, 03 Mar 2021 21:14:21 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90204
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%9D%D0%B0%D1%80%D1%83%D1%88%D0%B8%D0%BB-%D1%83%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%8F-%D0%BD%D0%B0%D0%B4%D0%B7%D0%BE%D1%80%D0%B0-%D0%A1%D0%BA%D0%BE%D0%BF%D0%B8%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%BC%...
newsyou.info/wp-content/uploads/2021/03/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%9D%D0%B0%D1%80%D1%83%D1%88%D0%B8%D0%BB-%D1%83%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%8F-%D0%BD%D0%B0%D0%B4%D0%B7%D0%BE%D1%80%D0%B0-%D0%A1%D0%BA%D0%BE%D0%BF%D0%B8%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%BC%D0%B0%D0%BD%D1%8C%D1%8F%D0%BA-%D0%BF%D0%BE%D0%B5%D1%85%D0%B0%D0%BB-%D0%BD%D0%B0-%D0%A2%D0%92-%D1%88%D0%BE%D1%83.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c8ee500079e41f1affe252e4086d17a67b1d762ec71a93bb902a77bb7f320c84

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 12:34:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51247
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%A0%D0%B5%D0%B3%D1%83%D0%BB%D1%8F%D1%82%D0%BE%D1%80-%D0%95%D0%A1-%D0%BD%D0%B0%D1%87%D0%B0%D0%BB-%D1%8D%D0%BA%D1%81%D0%BF%D0%B5%D1%80%D1%82%D0%B8%D0%B7%D1%83-%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%...
newsyou.info/wp-content/uploads/2021/03/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%A0%D0%B5%D0%B3%D1%83%D0%BB%D1%8F%D1%82%D0%BE%D1%80-%D0%95%D0%A1-%D0%BD%D0%B0%D1%87%D0%B0%D0%BB-%D1%8D%D0%BA%D1%81%D0%BF%D0%B5%D1%80%D1%82%D0%B8%D0%B7%D1%83-%D0%B2%D0%B0%D0%BA%D1%86%D0%B8%D0%BD%D1%8B-%D0%A1%D0%BF%D1%83%D1%82%D0%BD%D0%B8%D0%BA-V.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
e3d01632040a1f56d07668e002c86e48c24d992d293254c7d6d03bfb3cd184af

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 12:31:48 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
117916
Expires
Thu, 11 Mar 2021 13:39:37 GMT
newsyou.info.860188.js
jsc.mgid.com/n/e/ 		241 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.860188.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8154eebab74a1f4c4fa7131871563ed80aaa1a18bf68013c2f7795966243507d

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
age
3073
cf-polished
origSize=246939
last-modified
Tue, 02 Mar 2021 12:31:59 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FA9381A718352E8E
x-amz-id-2
bIrW+A5NAl+l6Lxq0KZUnzKcbXa0I0cYFN42LZGfJY1RDO3dNHO6DllrRPZFYdZdNkoXo4dS33c=
cf-bgj
minify
server
cloudflare
etag
W/"c9fcb025c533ece06e3b3e3ca0a0819b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
089f11a1a400000c85ea2b4000000001
cf-ray
62ab854908210c85-AMS
expires
Thu, 04 Mar 2021 16:41:11 GMT
1614349319_table-coffee-fruit-berry-home-cup-634263-pxhere_com.jpg
newsyou.info/wp-content/uploads/2021/03/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614349319_table-coffee-fruit-berry-home-cup-634263-pxhere_com.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
fa9d698fb375c2176f65e8e1a2338f711edb4a167407dca5ebff455911b89699

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Wed, 03 Mar 2021 09:11:02 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44479
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614683407_ruka.jpg
newsyou.info/wp-content/uploads/2021/03/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614683407_ruka.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
86c140945f644d6bf42c732e7d10453596842012d5daa7f3c9b6cc0ba85be020

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Wed, 03 Mar 2021 07:12:12 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
114367
Expires
Thu, 11 Mar 2021 13:39:37 GMT
1614404096_uakomar_151944211_1475379486001711_5724128857096412823_n.jpg
newsyou.info/wp-content/uploads/2021/03/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/1614404096_uakomar_151944211_1475379486001711_5724128857096412823_n.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
764e345c65ec0cfbdcc2b45be8dcab4fa65640161a95b50b4717f1c48d85ce16

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Wed, 03 Mar 2021 09:09:41 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78794
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%9F%D0%BE%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%D1%81%D1%8C-%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0-%D0%B2%D0%B7%D1%80%D1%8B%D0%B2%D0%B0-%D1%80%D0%B0%D0%BA%D0%B5%D1%82%...
newsyou.info/wp-content/uploads/2021/03/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%9F%D0%BE%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%D1%81%D1%8C-%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%D0%B0-%D0%B2%D0%B7%D1%80%D1%8B%D0%B2%D0%B0-%D1%80%D0%B0%D0%BA%D0%B5%D1%82%D1%8B-SpaceX-%D0%B2-%D0%A2%D0%B5%D1%85%D0%B0%D1%81%D0%B5.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
6f0561883d4babf67262942ad27ab43554c73069dee691495971d4b4c14b2158

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 13:18:47 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20836
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%A1%D0%B1%D0%BE%D0%B9-%D0%B2-Instagram-%D1%81%D0%BE%D1%86%D1%81%D0%B5%D1%82%D1%8C-%D0%BF%D0%BE-%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B5-%D1%81%D0%BF%D1%80%D1%8F%D1%82%D0%B0%D0%BB%D0%B0-%D0%BB%D0%B0%...
newsyou.info/wp-content/uploads/2021/03/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%A1%D0%B1%D0%BE%D0%B9-%D0%B2-Instagram-%D1%81%D0%BE%D1%86%D1%81%D0%B5%D1%82%D1%8C-%D0%BF%D0%BE-%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B5-%D1%81%D0%BF%D1%80%D1%8F%D1%82%D0%B0%D0%BB%D0%B0-%D0%BB%D0%B0%D0%B9%D0%BA%D0%B8.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
7c92929d189373af6c5f6e0a75fecca4d7b0e354a673c7bbff7182ba3c16318c

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 12:32:47 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43783
Expires
Thu, 11 Mar 2021 13:39:37 GMT
NASA-%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BB%D0%BE-%D1%81%D0%B0%D0%BC%D1%8B%D0%B9-%D1%81%D0%B5%D1%80%D1%8C%D0%B5%D0%B7%D0%BD%D1%8B%D0%B9-%D0%B8%D0%BD%D1%86%D0%B8%D0%B4%D0%B5%D0%BD%D1%82-%D0%B2-%D0%BA%...
newsyou.info/wp-content/uploads/2021/03/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/NASA-%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BB%D0%BE-%D1%81%D0%B0%D0%BC%D1%8B%D0%B9-%D1%81%D0%B5%D1%80%D1%8C%D0%B5%D0%B7%D0%BD%D1%8B%D0%B9-%D0%B8%D0%BD%D1%86%D0%B8%D0%B4%D0%B5%D0%BD%D1%82-%D0%B2-%D0%BA%D0%BE%D1%81%D0%BC%D0%BE%D1%81%D0%B5-%D0%B7%D0%B0-%D0%BF%D1%8F%D1%82%D1%8C-%D0%BB%D0%B5%D1%82.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1e453ae3bd1329b0e5153d04b55da60a5840eb71ecdf5500b6da034f26222843

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 09:30:41 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76433
Expires
Thu, 11 Mar 2021 13:39:37 GMT
%D0%A3%D0%B6%D0%B5-10-%D0%BF%D1%80%D0%BE%D1%82%D0%BE%D1%82%D0%B8%D0%BF-Starship-%D0%B2%D0%B7%D0%BE%D1%80%D0%B2%D0%B0%D0%BB%D1%81%D1%8F-%D0%B2%D0%BE-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D0%BF%D0%BE%D1%81...
newsyou.info/wp-content/uploads/2021/03/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/%D0%A3%D0%B6%D0%B5-10-%D0%BF%D1%80%D0%BE%D1%82%D0%BE%D1%82%D0%B8%D0%BF-Starship-%D0%B2%D0%B7%D0%BE%D1%80%D0%B2%D0%B0%D0%BB%D1%81%D1%8F-%D0%B2%D0%BE-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D0%BF%D0%BE%D1%81%D0%B0%D0%B4%D0%BA%D0%B8-%D0%BD%D0%BE-%D0%B2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
6aef7998f7d703339e40ad8a787390ef47f01abdd37eafeb5702d48ce2854846

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Thu, 04 Mar 2021 08:17:39 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31025
Expires
Thu, 11 Mar 2021 13:39:37 GMT
newsyou.info.1024868.js
jsc.mgid.com/n/e/ 		249 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2101717946d50b94f801a8ef785023fc0417620fb948536076e16704df67804e

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
age
2103
cf-polished
origSize=255036
last-modified
Thu, 04 Mar 2021 13:05:58 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
W0WYVAGK6EWEEXH3
x-amz-id-2
4o3hYQFfIJiY4apxllT8l4Kdo+ULPZmeZoyhkaDqJeDr4XCvcQj1MVY+37mn1rvK4TlR2b2141M=
cf-bgj
minify
server
cloudflare
etag
W/"fbf1f0c454ed59f2c1d48802d98ff226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
089f11a1a500000c85233c2000000001
cf-ray
62ab854908230c85-AMS
expires
Thu, 04 Mar 2021 16:41:11 GMT
2598445.jpg
newsyou.info/wp-content/uploads/2021/03/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/2598445.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
fde80630b6bf66a9930de6a23105d3bad7c79735df329767db1a31a4f29a09c6

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:37 GMT
Last-Modified
Wed, 03 Mar 2021 21:10:19 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83059
Expires
Thu, 11 Mar 2021 13:39:37 GMT
d3a_photo5909902126765681602.jpg
newsyou.info/wp-content/uploads/2021/03/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/d3a_photo5909902126765681602.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a5c3718ccb9dc1b5dd17520320f53a9f20c8404302d21e81180f7c4d97b4a93f

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:38 GMT
Last-Modified
Wed, 03 Mar 2021 21:31:51 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41571
Expires
Thu, 11 Mar 2021 13:39:38 GMT
51599298_552781288552174_1509180272538941047_n.jpg
newsyou.info/wp-content/uploads/2021/03/ 		193 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/03/51599298_552781288552174_1509180272538941047_n.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
e9e54cbcdb882fb8432a482d5f22b1415f18277c4a704e80d5be50cdc261a5fc

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:38 GMT
Last-Modified
Wed, 03 Mar 2021 20:27:51 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
197889
Expires
Thu, 11 Mar 2021 13:39:38 GMT
tar.png
newsyou.info/wp-content/uploads/2020/11/ 		451 KB
451 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2020/11/tar.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
46f42c3bacdf581f8c4f782e77f341102bf127241ae4e724fc6f2066f9704b96

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:38 GMT
Last-Modified
Tue, 03 Nov 2020 21:34:38 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
461812
Expires
Thu, 11 Mar 2021 13:39:38 GMT
loader.js
news.gnezdo.ru/ 		85 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.gnezdo.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
ec5f165087df17f3e42b3dd772feaa4cb90a47a130f0e6000a29aad4aadfb666

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 11:25:45 GMT
Server
nginx/1.10.3
ETag
"603f7239-428c"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
17036
Expires
Fri, 05 Mar 2021 13:41:11 GMT
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css?ver=5.1.8
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
59078
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2695
cf-request-id
089f11a14b000017861d08c000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-31fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3p%2Fa%2BEEqB9VLCcxB8bvLa2xyOh8pQeMEB7uyezrFHb%2FyVdkLY5yqZIYdPrN5DN9Ht8QHWHrhVsWh4JLykR6f58VRZvW%2F5VsRA%2BgDJ%2FZTDP4qt%2FjodWBSykg3ilzWoVew5Q%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62ab85487fec1786-FRA
expires
Tue, 22 Feb 2022 13:41:11 GMT
jquery.fancybox.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		157 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.js?ver=5.1.8
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
52086
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32145
cf-request-id
089f11a16100001786e489e000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-2739b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h4EjwxsIh72%2FtWeavC%2BtLfmKB24lsFgwwidHLGVLSbo4HyhVGnVkqo2gaRvSq%2FNnqU%2FMXUfR5j1VMusvPVg2LuWZ5qutSif6uHfSum1KQc2RSM0KOsPlahPUbsmJO4CRBQ%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62ab854898141786-FRA
expires
Tue, 22 Feb 2022 13:41:11 GMT
rotator.js
newsyou.info/wp-content/themes/newsyou/js/ 		207 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/rotator.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865

Request headers

Referer
https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:26 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207
Expires
Thu, 11 Mar 2021 13:39:36 GMT
truncated
/ Frame 0F9C 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b73f0852e7eb32050051aac3e294a26bc30fe3a52698f4900f075ec8c5bf513b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
WyEEqE5TJ1NC94kX0POt8w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
9RXrz84iRUTqfJZaXcq/x4HQiMaApFsX6CEKw0680Xj75R2ZCE/UIhfewsLW+UJF/QV4/z0N3MzDYrHU32SOJQ==
x-fb-trip-id
2052514463
x-fb-content-md5
188ae7ee0e1e3484e465cabe529516d4
x-frame-options
DENY
date
Thu, 04 Mar 2021 13:41:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"9a41adceaf7ecc2fc9a985b1877a3551"
timing-allow-origin
*
expires
Thu, 04 Mar 2021 13:50:56 GMT
match.js
pwrlkyotm.com/pixels/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwrlkyotm.com/pixels/match.js
Requested by
Host: ybej5ohp0x.ru
URL: https://ybej5ohp0x.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2d868ebbd0d5c4f033c4b51b505f3fdf53822dadc9cbe7eddd14b15235bf8de2

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 08:56:56 GMT
server
nginx/1.18.0
etag
W/"603f4f58-31da"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
menu.png
newsyou.info/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/menu.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle8.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a

Request headers

Referer
https://newsyou.info/mainstyle8.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:36 GMT
Last-Modified
Wed, 29 May 2019 08:53:48 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2563
Expires
Thu, 11 Mar 2021 13:39:36 GMT
13245.js
jsn.24smi.net/d/6/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:40:03 GMT
server
nginx
etag
W/"6040e333-c46"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
jsunit
a4p.adpartner.pro/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.17006272865689742
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
feed1dc827da303dc25acf61238a1a127ca164394ff702b651c4d3487803bdf8

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
collect
www.google-analytics.com/j/ 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1357063670&t=pageview&_s=1&dl=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&ul=en-us&de=UTF-8&dt=%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%D0%B8%20%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82%20%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8%20%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%20%D1%81%20%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D0%BC%D0%B8%20(%D0%A4%D0%9E%D0%A2%D0%9E)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1094853666&gjid=1768473329&cid=629737997.1614865271&tid=UA-80712032-1&_gid=242620867.1614865271&_r=1&_slc=1&z=1737568740
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsyou.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.22603523465599284
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
c8858c53fc655a7684dbed61472a811f0399d63e2ca955edfaac71141d4a6438
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
t.js
theroswaf.com/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theroswaf.com/t.js?i=p5blhd4gm736cip7a9vd&cb=2469231614865271196
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-82.fra50.r.cloudfront.net
Software
/
Resource Hash
cd4a771a2c0677bbd2b9026f30c5df9e9133c3c4cce30e12635ee424912dc774

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
q_4e9B3PXxO5PHM22F2jPUVKqWuHmRKzvIICr5ln9nV54VkRugT_SQ==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
13267.js
jsn.24smi.net/4/0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:40:03 GMT
server
nginx
etag
W/"6040e333-b81"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/ 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b357031291532d150c46b043668f07f82f8074c01eddfbe886b90f8dd6755b31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
15270628242900322163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Mar 2021 13:41:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/ Frame 9055 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210302/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 03 Mar 2021 20:38:55 GMT
expires
Wed, 17 Mar 2021 20:38:55 GMT
content-type
text/html; charset=UTF-8
etag
14371272352318978350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
5136
x-xss-protection
0
age
61336
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7883&r=0.7969671280255681
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
cca9d3770799508f227568e9bcc1cd0f49f0c6386eed0fb19cc670b0d2ac5e77
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=5687&ref=&0.12211084823578844
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0547ef587072a824861a8b6a80596ab61a3675636560ae6b94b66a6786c4ab35

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=6822&r=0.2982501532512114
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
126ad3f966eea855cb57af0e6e0ead57c82efcf8e6e9ccece877a238109293dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2490&ref=&0.9873708821603013
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
02108d0f54580f8168a66842af241dab3d68dfe9e08baeb917e6bb79f3cc3636

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2501&ref=&0.6944821748776018
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6cb5b25571d26c28a1e22a0e29fbd413a11ea52a910c61d310fff81c57a7389b

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
cfg
data.24smi.net/ 		354 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13267&ver=13&callback=__smiCb1614865271259
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
a8d7fd2864e7666dc1b223d949cc5570bbedd8eb3cf15e6c9f231b77ef753e1b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cache-control
no-store
server
nginx
content-length
354
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
13248.js
jsn.24smi.net/e/7/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:36:02 GMT
server
nginx
etag
W/"6040e242-900"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
1
recreativ.ru/cs/1/ 		34 B
134 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recreativ.ru/cs/1/1
Requested by
Host: recreativ.ru
URL: https://recreativ.ru/rcode.4d45b12173.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
95458a6d94db6068ec45239984bc7b7585845aa43ce315a6aaf2b038a8f04476

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b16
cache-control
private, max-age=315360000
expires
Sun, 02 Mar 2031 15:41:11 +0200
css
fonts.googleapis.com/ 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:26:22 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:11 GMT
css
fonts.googleapis.com/ 		2 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:13:59 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:11 GMT
ByMGID.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
age
5662
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DCB403D7254D6E85
x-amz-id-2
Cnwert1GiENoysUfBDXPF2oxBVB7KvQCrQPePrf/gjyjLKV6G2s01OhrGpZe00vVtwDUBpnt1yc=
last-modified
Thu, 07 May 2020 09:36:25 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag
W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
089f11a25300000c8511b54000000001
cf-ray
62ab854a1a700c85-AMS
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5351cc5fcd84ca5f24714cbc76e6b8f4fbf9a73fb9f7491bec0b523d073987e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 20:59:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
60074
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 03 Mar 2022 20:59:57 GMT
1
servicer.mgid.com/896370/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/896370/1?w=613&h=296&p1_w=198&p1_h=276&cols=3&pv=5&cbuster=161486527139616349107&uniqId=0e858&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%20&lu=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&pageView=1&pvid=177fd788a6581b15d4b&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.896370.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee830c9e064d0423da0c83dabd0249b7f74885700a6fc58ed9f535591591c8db

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab854a4ad00c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a27000000c85fb17d000000001
newsyou.info.js
ghb.adtcontent.com/prebidmg/448573/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghb.adtcontent.com/prebidmg/448573/newsyou.info.js?cb=448573
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.896370.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b697c788bfde9205437ef8437c39d6ab4d8e39dc03da6635024578327ac25266

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:10 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Length
1572
Content-Type
application/javascript; charset=UTF-8
sdk.js
connect.facebook.net/ru_RU/ 		197 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=66c3a9f6e809cc3adce2b4f805a25fd0&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a71ffee46d2167bbcb4b4de1396783a6e792667f3c50a1c09952ffc08baed40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bpfqaYdOF0g4fHV5Xr6AlA==
cross-origin-resource-policy
cross-origin
expires
Fri, 04 Mar 2022 11:36:08 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60545
x-fb-rlafr
0
x-fb-debug
pcOMa68cdZOkxzYPnoA+Ec94Mh8a3ogp3L++Uubx2ZypIkoeAhqjqHNKxF6PjRnrPELEavILv/4Wf1RkxtMWPg==
x-fb-trip-id
686109401
x-fb-content-md5
d536395f7301c67f76023f9866f5b6a9
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 04 Mar 2021 13:41:11 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"d23fa3280ba80ad876c62c652bf82867"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
cfg
data.24smi.net/ 		354 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13245&ver=13&callback=__smiCb1614865271260
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
922d5a209cca81e8a8cd9dc7f04c29fffc1617a286026bdc1a7ecb3976f9819f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cache-control
no-store
server
nginx
content-length
354
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
530525
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 26 Feb 2022 10:19:06 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
age
4717
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
089f11a2e500000c854b34b000000001
cf-ray
62ab854b0c780c85-AMS
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
age
4715
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
089f11a2e600000c85f034d000000001
cf-ray
62ab854b0c7b0c85-AMS
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 09:38:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
server
sffe
age
532963
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16224
x-xss-protection
0
expires
Sat, 26 Feb 2022 09:38:28 GMT
cookie.js
partner.googleadservices.com/gampad/ 		202 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsyou.info&callback=_gfp_s_&client=ca-pub-5994697028380609
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a0715c77ed9d570516198fbe5ed0e32e6fb3a2bd12eedce7e21e6b99f5856829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CE53 		16 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=3025194257&lmt=1614865271&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&ea=0&flash=0&pra=5&wgl=1&dt=1614865271214&bpp=14&bdt=523&idt=311&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2911950995705&frm=20&pv=2&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=325
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
398d50171a33f94cf62b5fa83b20ddbf697e3d1a385706ae32fec2c7b5c1a263
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=3025194257&lmt=1614865271&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&ea=0&flash=0&pra=5&wgl=1&dt=1614865271214&bpp=14&bdt=523&idt=311&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2911950995705&frm=20&pv=2&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=325
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 04 Mar 2021 13:41:11 GMT
server
cafe
content-length
1262
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 04-Mar-2021 13:56:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 04 Mar 2021 13:41:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:11 GMT
cfg
data.24smi.net/ 		354 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13248&ver=13&callback=__smiCb1614865271261
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
06afeb3aed39f3b7f8cb0bcf90d0969d3992d3a89ea6541609ce6909b1b5edad
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cache-control
no-store
server
nginx
content-length
354
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
1
servicer.mgid.com/860188/ 		1 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/860188/1?w=300&h=250&p1_w=300&p1_h=250&cols=1&pv=5&cbuster=1614865271639468754191&uniqId=12bd0&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%20&lu=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&pageView=0&pvid=177fd788b57add5e31a&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.860188.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece4db6870a909ccaf2a11fd413a6a6a099a78a5433a8331e4bea6f97251dd39

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab854bce300c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a36200000c85233f0000000001
zaglushka-header-top.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame B37F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=200&slotname=5334027434&adk=3283282604&adf=1790009821&pi=t.ma~as.5334027434&w=1200&fwrn=4&lmt=1614865271&...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
394 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
bf8c7819538a0a83fc7ded19cde7d36dac6711283dc4280eddf54c1093a8f226

Request headers

Host
newsyou.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ga=GA1.2.629737997.1614865271; _gid=GA1.2.242620867.1614865271; _gat=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22Jo6dTOqJJ%22%7D%2C%22C896370%22%3A%7B%22page%22%3A1%7D%2C%22C860188%22%3A%7B%22page%22%3A1%7D%2C%22C1024868%22%3A%7B%22page%22%3A1%7D%2C%22C346316%22%3A%7B%22page%22%3A1%7D%7D; lapuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; session_id=88431b39-e266-42b8-b900-80baaae6c627; session_pageview=1614865272.1; site_visited=1614951672.1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 04 Mar 2021 13:39:37 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
238
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 04 Mar 2021 13:41:11 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUknDIdqwSkIZ19d70q5-pMaiRLp4S5zkdf6xM-voYNFAqTI3WylhyzTWqD37-c; expires=Tue, 29-Mar-2022 13:41:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tizers.php
recreativ.ru/ 		9 B
197 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recreativ.ru/tizers.php?bn=4d45b12173&cache=t53Z6dTZuGb60x0
Requested by
Host: recreativ.ru
URL: https://recreativ.ru/rcode.4d45b12173.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
c9a21015e0be5f2f6a5bf2ec55b2840b57e6d86c5b921be41868b4d2f92f905d

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b15
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/javascript;charset=utf-8
expires
Thu, 04 Mar 2021 15:41:11 +0200
1
servicer.mgid.com/1024868/ 		2 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1024868/1?w=296&h=735&cols=1&pv=5&cbuster=1614865271679319127624&uniqId=0b514&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%20&lu=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&pageView=0&pvid=177fd788b7fb9fea877&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84c5723d952d3e73e24ae018797f3d4dfa6425447623cd8a06038d8f5acd33b

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab854c0ebf0c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a38900000c853d8fd000000001
1
servicer.mgid.com/346316/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/346316/1?w=613&h=210&cols=1&pv=5&cbuster=16148652717063180702&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%20&lu=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&pageView=1&pvid=177fd788b9baa1e2908&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.687498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356edbf8c8b052a269b0b856a4bed2f670311c5e174a7b0e9b37f4ef9106cdb9

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab854c3f250c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a3a600000c85fb1a1000000001
ads
googleads.g.doubleclick.net/pagead/ Frame B893 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81d37e4f93694db42834afdbaa08c927e54eb142280021059d570e673a232d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 04 Mar 2021 13:41:12 GMT
server
cafe
content-length
5942
x-xss-protection
0
set-cookie
IDE=AHWqTUn0fVOUOqadZZLwz4shqQqFcKmninKhNtqtE9xewChkrQpCeKL3ZrK6eiEDl-8; expires=Tue, 29-Mar-2022 13:41:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
private
/
m.mixadvert.com/show/load/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7884&id_name=shQND&teaser_name=QyEAGHm&block_name=nrsGzB&ban_teaser=&r=0.07436411636236429&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7884
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
ede5b672d66ad80b501082e3ebf3d97a8ba9f13a1c3cfeba116c27fc4bb5820e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6216 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: theroswaf.com
URL: https://theroswaf.com/t.js?i=p5blhd4gm736cip7a9vd&cb=2469231614865271196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
f71c5f813630cea61c331e6bd6b2234f0aa0ec3b04536e050896eab0952b63ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"801 / 847 of 1000 / last-modified: 1614859851"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19406
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:11 GMT
ls
a4p.adpartner.pro/jsunit/ Frame D75F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=5687&unit_id=6566&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=5687&ref=&0.12211084823578844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
51a6f3daaa46e9c39d58cbf5e3c528aa19a680f931fb7ae8f3504834f0089481

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/jsunit/ls?jsunit=5687&unit_id=6566&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:11 GMT
content-type
text/html; charset=utf-8
set-cookie
newsyou.info_ref=; Path=/; Expires=Thu, 04 Mar 2021 14:41:11 GMT; Secure; SameSite=None
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame B522 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=613&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.17006272865689742
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aca5824bde2a5e0c59847ea95a15dbd317d3e08a6b4ac5bd08298765faff6409

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/jsunit/ls?jsunit=2489&unit_id=2489&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=613&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:11 GMT
content-type
text/html; charset=utf-8
set-cookie
newsyou.info_ref=; Path=/; Expires=Thu, 04 Mar 2021 14:41:11 GMT; Secure; SameSite=None
cache-control
no-store no-transform
content-encoding
br
pclicks.js
prodmp.ru/ 		436 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks.js
Requested by
Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/match.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.93.124 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
bc5e26725e8a7c205fe3b116f280f29d902ad5bf945523fd6c2bfa49580ef74a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/javascript;charset=iso-8859-1
content-length
436
expires
Thu, 01 Jan 1970 00:00:00 GMT
ls
a4p.adpartner.pro/jsunit/ Frame 7185 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=2490&unit_id=2490&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2490&ref=&0.9873708821603013
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6d205cacc7d17ec9bb53b634a2e7d4897afc7ee5b32c9e1c3f12b02a55bbfaba

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/jsunit/ls?jsunit=2490&unit_id=2490&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:11 GMT
content-type
text/html; charset=utf-8
set-cookie
newsyou.info_ref=; Path=/; Expires=Thu, 04 Mar 2021 14:41:11 GMT; Secure; SameSite=None
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame 49A4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=2501&unit_id=2501&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2501&ref=&0.6944821748776018
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
51c572509e1cb3991cf81229d987c51c72dde71655f1d6894bd28a2dda3c2884

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/jsunit/ls?jsunit=2501&unit_id=2501&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:11 GMT
content-type
text/html; charset=utf-8
set-cookie
newsyou.info_ref=; Path=/; Expires=Thu, 04 Mar 2021 14:41:11 GMT; Secure; SameSite=None
cache-control
no-store no-transform
content-encoding
br
i.js
cm.mgid.com/ 		1 KB
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1614865271776677350681
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.896370.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e60debc691c3fbfd7c1af2cfa881fafd330fc174510bbff563ec5190de3986a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
3dd7310e-b6ed-4397-9350-8e5a56aef6b4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab854ca8030c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a3eb00000c85e080b000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 9FFA 		19 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1614865271782420752512
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.896370.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
805d9678-088a-4439-bd1d-0ebdd144f4dc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab854cb80e0c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a3ef00000c8555054000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDgvMTAxOTI0LzQ5OWRlMmE5YzFhNTM5ODdkOGU3ZmMxODdkNmJhZWVmLmpwZWc_dD0xNTM5MDI5MjE0OTM4.webp
s-img.mgid.com/g/8164915/328x328/45x33x403x403/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164915/328x328/45x33x403x403/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDgvMTAxOTI0LzQ5OWRlMmE5YzFhNTM5ODdkOGU3ZmMxODdkNmJhZWVmLmpwZWc_dD0xNTM5MDI5MjE0OTM4.webp?v=1614865271-kQXYPAfBJ-MdtMD_f_DVE647wbKHRS18VpwHIq2MEJc
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8663b9b1464e73c334830b36704685e98b1d8b769a3bc6fdf04e56a16e0e3971

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cf-cache-status
HIT
x-mg-request-uuid
e62e0788-8a59-42b0-801a-1368382e9b17
age
2084833
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12124
cf-request-id
089f11a3f900000c85e0210000000001
last-modified
Mon, 08 Feb 2021 10:21:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ab854cc82a0c85-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp
s-img.mgid.com/g/8164860/328x328/0x0x831x831/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164860/328x328/0x0x831x831/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1614865271-5GAtSy1SI45fSS6M4W-5mU2laZlDedRsRf-SsIll9gk
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66b05fcd3c18a22f1cb94a9c90ad9caad4cb927fbf4025c50fd336bd319f037

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cf-cache-status
HIT
x-mg-request-uuid
18f4a33d-d448-4011-954e-552f3b65cf30
age
2085464
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9142
cf-request-id
089f11a42600000c852236c000000001
last-modified
Mon, 08 Feb 2021 10:20:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ab854d08c30c85-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp
s-img.mgid.com/g/8164916/328x328/356x0x784x784/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164916/328x328/356x0x784x784/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp?v=1614865271-nxlF9ANF5ZKI88aLV7-UC6v1kraMAY9AiUm5JPt7a28
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b59b32be0b425e6d7ed656f3ffd46bb73822f8929cdb945c63241101757086

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
cf-cache-status
HIT
x-mg-request-uuid
f29fe369-02ef-4645-97d9-49a6b8b31b29
age
2085322
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10050
cf-request-id
089f11a42f00000c853789c000000001
last-modified
Mon, 08 Feb 2021 10:21:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ab854d18e50c85-AMS
tracking
ghb.adtelligent.com/adunit/ 		43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghb.adtelligent.com/adunit/tracking?site_id=8896&client_id=303941&event=22&type=0&adid=3B683B49D5E15961&vpbv=1.0&pubbid=1.1&subtype=0
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://newsyou.info
Date
Thu, 04 Mar 2021 13:41:11 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
zaglushka-center.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame DCC3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=381&slotname=5991095728&adk=2965852602&adf=4142840601&pi=t.ma~as.5991095728&w=613&lmt=1614865271&rafmt=11...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
711 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
8c1878e8a6f4f613c3fc937a26952ebabc6dd3fc1bbdc942dc8664c1638d2d07

Request headers

Host
newsyou.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ga=GA1.2.629737997.1614865271; _gid=GA1.2.242620867.1614865271; _gat=1; lapuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; session_id=88431b39-e266-42b8-b900-80baaae6c627; session_pageview=1614865272.1; site_visited=1614951672.1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C896370%22%3A%7B%22page%22%3A1%2C%22time%22%3A1614865271771%7D%2C%22C860188%22%3A%7B%22page%22%3A1%7D%2C%22C1024868%22%3A%7B%22page%22%3A1%7D%2C%22C346316%22%3A%7B%22page%22%3A1%7D%7D; __gads=ID=d180bf9febf395e9-22fc8781f3a6007b:T=1614865271:RT=1614865271:S=ALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 04 Mar 2021 13:39:37 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
391
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 04 Mar 2021 13:41:11 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
20.js
jsn.24smi.net/v2-renderer/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/v2-renderer/20.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
9315567f6c0c1d23d2cdcf7a257d1c60a3737fa9bb2047955b5515c05b6ecf7b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 14:44:39 GMT
server
nginx
etag
W/"603e4f57-b3a8"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
1281.js
jsn.24smi.net/4/0/13267/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267/1281.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
82e5409c796f8bcaeedde479472681829fb6f0684e967fe86292d0e40dfd2373
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:35:47 GMT
server
nginx
etag
W/"6040e233-10e1"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7881&r=0.6380288568359389
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
e0f025a03b373e4f49c8c2b1a1f6675357b7e5535356ad439035a42d9adf9e76
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7882&r=0.7157739339320963
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
99d7337345bb08bc4a79663eb807a537188ac6a5550e42ee5deff332ed1e79a9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
internal
dmpprof.com/matching/ 		107 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&href=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&title=%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%D0%B8%20%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82%20%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8%20%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%20%D1%81%20%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D0%BC%D0%B8%20(%D0%A4%D0%9E%D0%A2%D0%9E)&aid=0
Requested by
Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
25983d53055e98ade7995e6bc5e5941d46f0358d9e482a21f671e6c9d58cbfc7

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
107
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13977&f=2&ref=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&gw=613&gh=0&gaid=0&gtvm=&ids=0
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9f7e11e366a5250613892939bdf8353c13f595254b4cc747c99006f6813b742a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
pxl.jpg
theroswaf.com/ 		597 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theroswaf.com/pxl.jpg?i=p5blhd4gm736cip7a9vd&s=513&p=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&rstk=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&h=8180391614865271882
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-82.fra50.r.cloudfront.net
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-length
597
x-amz-cf-id
8LaznYEFsEvNOJ9vVp7SkCpOfQTafTbQ-tIgsRW23zAz8taDBQlvCQ==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
1280.js
jsn.24smi.net/d/6/13245/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245/1280.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
c13520c75153171c7872fe2f52594ebde7a7f519b4566f7072471392d260c535
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:35:47 GMT
server
nginx
etag
W/"6040e233-132c"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
t.js
theroswaf.com/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theroswaf.com/t.js?i=h467k7ui0zapfqk8qs&cb=8653211614865271891
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-82.fra50.r.cloudfront.net
Software
/
Resource Hash
8a77481ad90690b4a8c98cdb517598ac3d6b892384ffddb50b9e822f2dd5a701

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2uR1AVskp5CWO9rr10iiTq5i3cX3pHwwxqLXGZg8UOjCeWn63g0GKg==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C9AA 		48 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60a04615ccebb6f0142305b01fe70bcb14b1bfc57945f1fb4d68453a412c86f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUknDIdqwSkIZ19d70q5-pMaiRLp4S5zkdf6xM-voYNFAqTI3WylhyzTWqD37-c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 04 Mar 2021 13:41:12 GMT
server
cafe
content-length
11735
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x277/16x0x492x328/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164909/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1614865271-TcxjTrakiDVwVe4lfjyW1Dn5G6NUP6BgUysA83xm7Qg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
cf-cache-status
HIT
x-mg-request-uuid
4ec28f1b-43f8-4183-88c3-856682ead5a7
age
2085603
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8002
cf-request-id
089f11a4d200000c853d918000000001
last-modified
Mon, 08 Feb 2021 10:20:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ab854e1b100c85-AMS
1282.js
jsn.24smi.net/e/7/13248/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248/1282.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
5d082adcf7c6f2ba4883dd04bcda56cb6e86e053250cae79d5ff025e164738bb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:35:47 GMT
server
nginx
etag
W/"6040e233-10f0"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:11 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9625 		86 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16ffd4ab4fe1a8905f9b656bc2eb23b06eca161a93bad15da7f0c711d0b1242e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUknDIdqwSkIZ19d70q5-pMaiRLp4S5zkdf6xM-voYNFAqTI3WylhyzTWqD37-c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 04 Mar 2021 13:41:12 GMT
server
cafe
content-length
27173
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:47:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
140026
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Wed, 02 Mar 2022 22:47:26 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/328x328/81x0x667x667/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/328x328/81x0x667x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1614865271-yMT767RmSX26K-aGlR0qhpgLXjBE3LGlvCkMJNRsn0c
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a27787438fb42a1d78db250abc9f4ca19b78ae63f548626d0bfc65bc641a04

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
cf-cache-status
HIT
x-mg-request-uuid
7633a336-f0e2-4439-b926-950c7b84902d
age
2085518
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17434
cf-request-id
089f11a50700000c85f0386000000001
last-modified
Mon, 08 Feb 2021 10:20:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ab854e7bed0c85-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp
s-img.mgid.com/g/8164885/328x328/83x0x825x825/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164885/328x328/83x0x825x825/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp?v=1614865271-49cu65vCW1AvHLGvApM_vs3P1a_BVvfka94bKv6De_Y
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8193fdcafe6bb993c62d7740cda830c43b6429b0a49982c2c8644d1e7cf5af

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
cf-cache-status
HIT
x-mg-request-uuid
e65f28b8-cf1f-46f9-b97b-b4093abe132f
age
2085025
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17556
cf-request-id
089f11a50700000c850a033000000001
last-modified
Mon, 08 Feb 2021 10:20:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ab854e7bef0c85-AMS
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto;0.13905199362256182
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto;0.13905199362256182
147 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto;0.13905199362256182
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
99c903c72fdb910d5eb782f4eca204d5a599d2314a8f708c18fbe462e945a5c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:12 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
147
Expires
Tue, 03 Mar 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:12 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto;0.13905199362256182
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 03 Mar 2020 21:00:00 GMT
3_3_1.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u224079&p264&n0.43244163004138714&c1&d24&w1600&h1200&rnewsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
  • https://i.i.ua/r/3_3_1.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_1.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Last-Modified
Mon, 19 Mar 2007 13:53:49 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1233
Expires
Fri, 04 Mar 2022 13:41:12 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:12 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://i.i.ua/r/3_3_1.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1357063670&t=pageview&_s=2&dl=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&ul=en-us&de=UTF-8&dt=%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%D0%B8%20%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82%20%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8%20%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%20%D1%81%20%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D0%BC%D0%B8%20(%D0%A4%D0%9E%D0%A2%D0%9E)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=629737997.1614865271&tid=UA-80712032-1&_gid=242620867.1614865271&z=1192301965
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 05:11:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30554
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5b6af4f6add28b5c5ecbe48a7929479d22e120966c65a16915d7e797f418a598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
br
last-modified
Sat, 20 Feb 2021 13:25:23 GMT
etag
"603cae04-1072e"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67374
expires
Thu, 04 Mar 2021 14:41:12 GMT
/
utarget.ru/ranging/00cb2399e4/js/ 		54 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/ranging/00cb2399e4/js/?rand=9927&cookie=0
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software
nginx /
Resource Hash
1dcc726eecce7fb39fa84cb07d5b5053994f165902c891a261f543a635c2f64b

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Server
nginx
P3P
CP="NON DSP COR CURa TIA"
Vary
Accept-Language, Cookie
Content-Language
ru
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=utf-8
cfg
data.24smi.net/ 		353 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=14482&ver=13&callback=__smiCb1614865271262
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
a72385e583d9b723dbd22ba9f9113d2a932875f41db89004846d98c752db04f6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
no-store
server
nginx
content-length
353
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame 6216 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:12 GMT
mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 		22 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.687498.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2860aec72f2ec742422cce67e19134ae576581a04c608857c6fbba6db0c66be1

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-cached-since
2021-02-22T18:46:25+00:00
content-length
3244
last-modified
Tue, 04 Aug 2020 12:46:16 GMT
server
nginx
etag
"5842-5ac0ca416b9a5-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
x-vhost-ver
3787631609560122666
expires
Tue, 22 Feb 2022 18:46:25 GMT
k3k702ZOKiLJc3WVjuplzOXREeHhJi4GEUJI9ob_ak4.woff2
fonts.gstatic.com/s/opensans/v10/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOXREeHhJi4GEUJI9ob_ak4.woff2
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da489bfe3ba801f5e650f477a160e9a0bad62c872558d07573f4ca9e0e05e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 01:51:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:06:33 GMT
server
sffe
age
474586
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21820
x-xss-protection
0
expires
Sun, 27 Feb 2022 01:51:26 GMT
aHR0cDovL2ltYWdlcy1ydS1zb3VyY2VzLnMzLmV1LWNlbnRyYWwtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81ZDY1NjViMDdlYjQ2LmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy1ydS1zb3VyY2VzLnMzLmV1LWNlbnRyYWwtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81ZDY1NjViMDdlYjQ2LmpwZWc.jpg?v=1614865271-qx3BP78GHf6gLYLvsiKahoZHBvvAX3TzWaqMn4IPyQU
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a810cf86ef28e3dcac166c8cfbf5d076b137d4bdec675a8d492fca529976eed9

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
cf-cache-status
HIT
x-mg-request-uuid
0c43f5a1-845a-47f4-bb36-24e7aa3038f4
age
2153950
cf-polished
qual=85, origFmt=jpeg, origSize=31944
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy1ydS1zb3VyY2VzLnMzLmV1LWNlbnRyYWwtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81ZDY1NjViMDdlYjQ2LmpwZWc.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23774
cf-request-id
089f11a5bd00000c8519a72000000001
last-modified
Sat, 23 Jan 2021 14:07:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ab854f9edb0c85-AMS
cf-bgj
imgq:85,h2pri
usync.html
eus.rubiconproject.com/ Frame 0995
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1614865271776677350681
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Mar 2021 13:41:12 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Thu, 04 Mar 2021 13:41:12 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=3cd15a73-aa61-4545-860e-f3ef3d8e06e9&ttl=1617457272
43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=3cd15a73-aa61-4545-860e-f3ef3d8e06e9&ttl=1617457272
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
a51f47b8-d0cf-4394-bd37-d470aaaaf6be
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab85529e330c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a79d00000c85f903c000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=3cd15a73-aa61-4545-860e-f3ef3d8e06e9&ttl=1617457272
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
/
cm.idealmedia.io/setmuidn/ 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l24bsvSOBxF5
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62ab85507aa10c7d-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
089f11a64600000c7d76abb000000001
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=VDqWuFKLq9Rvr5E5Vtrg&pi=mgid&tc=1
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=VDqWuFKLq9Rvr5E5Vtrg&pi=mgid&tc=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
6a0453c5-8881-4b71-b5c6-dd9855311ac5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab85528e200c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a79600000c8548201000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=VDqWuFKLq9Rvr5E5Vtrg&pi=mgid&tc=1
pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT, Thu, 04 Mar 2021 13:41:12 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bidswitch.gif
sync.admanmedia.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l24bsvSOBxF5
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l24bsvSOBxF5
  • https://sync.admanmedia.com/bidswitch.gif?puid=857eb125-2651-408a-b610-17af96be296a&redir=[RED]
42 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/bidswitch.gif?puid=857eb125-2651-408a-b610-17af96be296a&redir=[RED]
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.205.108 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:13 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0

Redirect headers

location
//sync.admanmedia.com/bidswitch.gif?puid=857eb125-2651-408a-b610-17af96be296a&redir=[RED]
date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=26822da5-8155-40f6-8d5b-9ce549a1142d&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=857eb125-2651-408a-b610-17af96be296a&gdpr=&gdpr_consent=&us_privacy=
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=857eb125-2651-408a-b610-17af96be296a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
23c262d2-e2d8-49d5-8d45-3ea065a2d268
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab8557cbde0c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11aadb00000c85e08c7000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=857eb125-2651-408a-b610-17af96be296a&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 04 Mar 2021 13:41:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDI0YnN2U09CeEY1&muidn=l24bsvSOBxF5
  • https://cm.mgid.com/google?muidn=l24bsvSOBxF5&google_ula={guid},5&google_gid=CAESEDOdn6QdBJQi3gYZIcOMVFc&google_cver=1
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l24bsvSOBxF5&google_ula={guid},5&google_gid=CAESEDOdn6QdBJQi3gYZIcOMVFc&google_cver=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab85511a8c0c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a6b100000c85e4bad000000001

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l24bsvSOBxF5&google_ula={guid},5&google_gid=CAESEDOdn6QdBJQi3gYZIcOMVFc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cm.lentainform.com/setmuidn/ 		0
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l24bsvSOBxF5
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62ab8550ea459d66-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11a69200009d660e121000000001
ads
googleads.g.doubleclick.net/pagead/ Frame 0F41 		92 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adb9fb96cf97c0a806d0ead19172181dfaad2ec337d22f5bf93896b6217db0a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn0fVOUOqadZZLwz4shqQqFcKmninKhNtqtE9xewChkrQpCeKL3ZrK6eiEDl-8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 04 Mar 2021 13:41:12 GMT
server
cafe
content-length
15521
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adSrcNoUi.js
video-native.mgid.com/scripts/ 		1 KB
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/scripts/adSrcNoUi.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.687498.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-cached-since
2020-11-19T04:22:27+00:00
content-length
481
last-modified
Mon, 28 Sep 2020 12:35:01 GMT
server
nginx
etag
"56d-5b05ee52e311c-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
x-vhost-ver
3787631609560122666
expires
Fri, 19 Nov 2021 04:22:27 GMT
aniview.js
player.aniview.com/script/6.1/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.687498.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:184::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzMZGl6HzLxL4DzdDBB3kEjgOceS2HPrqXI6S5iAmBU1ZP6FyCxmzQr8TiaI-811P5NFkvA6LKdiTJAGj9UjTfUPSxLeQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9025
last-modified
Wed, 03 Feb 2021 11:37:22 GMT
server
UploadServer
etag
"b07b626603dc9e6121e6bea0651d4d48"
vary
Accept-Encoding
x-goog-hash
crc32c=BpGuWw==, md5=sHtiZgPcnmEh5r6gZR1NSA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1612352242886279
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9025
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 04 Mar 2021 13:46:12 GMT
native.css
video-native.mgid.com/mgPlayer/css/1.11/ 		48 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/native.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.687498.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ad90f960243beeea5c703298139b6a6efe60425bcbd045a71c69049322d2bc19

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-cached-since
2020-11-09T10:59:10+00:00
content-length
8125
last-modified
Mon, 12 Oct 2020 08:57:59 GMT
server
nginx
etag
"bf39-5b1757ec97a78-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
x-vhost-ver
3787631609560122666
expires
Tue, 09 Nov 2021 10:59:10 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=5c76455c073ef42c784ad54f&e=playerLoaded&cb=1614865272262
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.198.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
loader.js
news.2xclick.ru/ Frame B37F 		85 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
ec5f165087df17f3e42b3dd772feaa4cb90a47a130f0e6000a29aad4aadfb666

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 11:25:45 GMT
Server
nginx/1.10.3
ETag
"603f7239-428c"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
17036
Expires
Fri, 05 Mar 2021 13:41:12 GMT
analytics.js
www.google-analytics.com/ Frame 7185 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2490&unit_id=2490&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5916
date
Thu, 04 Mar 2021 12:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 04 Mar 2021 14:02:36 GMT
jsunit
a4p.adpartner.pro/ Frame 7185 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2490&ref=&session_id=88431b39-e266-42b8-b900-80baaae6c627&session_pageview=1&site_visited=1&unit_id=2490
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2490&unit_id=2490&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
a8878e89ab7ac431c06dc278dcb3d61905ab15e12d6c47ad7f3e511535c5d70b

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=2490&unit_id=2490&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame D75F 		20 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=5687&ref=&session_id=88431b39-e266-42b8-b900-80baaae6c627&session_pageview=1&site_visited=1&unit_id=6566
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=5687&unit_id=6566&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d51ec12a9fe09e512ddea28fa358cc1bc5e4a87e98ce5800dd926fc472eea4c0

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=5687&unit_id=6566&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame B522 		26 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=&session_id=88431b39-e266-42b8-b900-80baaae6c627&session_pageview=1&site_visited=1&unit_id=2489
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=613&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
218b1133d4a4b53571d28251fcc26f8c6ec50175dfa6f391c146fd2afcefb836

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=613&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1C6A 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: theroswaf.com
URL: https://theroswaf.com/t.js?i=h467k7ui0zapfqk8qs&cb=8653211614865271891
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
fa0c40e8dc6476b7488ce93d88266c4ad269795b4a25209d0f02b9b707a4e28c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"801 / 447 of 1000 / last-modified: 1614859934"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19575
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:12 GMT
65195605
mc.yandex.ru/watch/
Redirect Chain
  • https://rtb.com.ru/prodmp-client-sync
  • https://rtb.com.ru/sync?sspKey=45&sspUserID=6040e3781504a073555fa692
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=6040e3781504a073555fa692&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6040e3781504a073555fa692%26r...
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6040e3781504a073555fa692%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=6040e3781504a073555fa692&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6040e3781504a073555fa692%26dest%3Dhttps%253A%252F%252Fdmg.d...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=6040e3781504a073555fa692&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6040e3781504a073555fa692%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://prodmp.ru/li?guid=B8D17A35233D3563E8E3&uid=6040e3781504a073555fa692&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6040e3781504a073555fa692%26dest%3Dhttps%253A%252F%252Fdmg.di...
  • https://an.yandex.ru/mapuid/dmpmediadesk/6040e3781504a073555fa692?sign=61718f21&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6040e3781504a073555fa692%26dest%3Dhttps%253A%252F...
  • https://x01.aidata.io/0.gif?pid=6472613&id=6040e3781504a073555fa692&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D6040e3781504a073555fa692%26i%3D5449001078785470105%26r%...
  • https://x01.aidata.io/0.gif?pid=6472613&id=6040e3781504a073555fa692&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D6040e3781504a073555fa692%26i%3D5449001078785470105%26r%...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=6040e3781504a073555fa692&i=5449001078785470105&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3...
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=1QqLH.BWOnKa8Ib7A2IV&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100...
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEGhh0aZcTheuFVJrbb6cxRU&ver=1&google_error=&code=224&ts=1QqLH.BWOnKa8Ib7A2IV&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=6040e3781504a073555fa692&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D6040e3781504a073555fa692%26nc%3D818408079...
  • https://cm.p.altergeo.ru/spnd?aid=6040e3781504a073555fa692&nc=8184080794480782815&url=https%3A%2F%2Ffront.redllama.ru%2Fapi%2FPixel%2FTraffic%2F%3FsystemName%3DAdspend%26id%3D6040e3781504a073555fa6...
  • https://cm.p.altergeo.ru/spnd?aid=6040e3781504a073555fa692&nc=8184080794480782815&url=https%3A%2F%2Ffront.redllama.ru%2Fapi%2FPixel%2FTraffic%2F%3FsystemName%3DAdspend%26id%3D6040e3781504a073555fa6...
  • https://front.redllama.ru/api/Pixel/Traffic/?systemName=Adspend&id=6040e3781504a073555fa692&red=https%3A%2F%2Fmc.yandex.ru%2Fwatch%2F65195605
  • https://mc.yandex.ru/watch/65195605?rdmsId=2526858068053697280
43 B
71 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/65195605?rdmsId=2526858068053697280
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:16 GMT
last-modified
Thu, 04-Mar-2021 13:41:16 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 04-Mar-2021 13:41:16 GMT

Redirect headers

location
https://mc.yandex.ru:443/watch/65195605?rdmsId=2526858068053697280
date
Thu, 04 Mar 2021 13:41:16 GMT
server
Kestrel
content-length
0
1
mc.yandex.ru/watch/65331736/
Redirect Chain
  • https://mc.yandex.ru/watch/65331736
  • https://mc.yandex.ru/watch/65331736/1
43 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/65331736/1
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Thu, 04-Mar-2021 13:41:12 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 04-Mar-2021 13:41:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Thu, 04-Mar-2021 13:41:12 GMT
strict-transport-security
max-age=31536000
location
/watch/65331736/1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 04-Mar-2021 13:41:12 GMT
css
fonts.googleapis.com/ 		3 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,600&display=swap
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0c247fa34bdf7b74a945515437e05c3162058575457b366bdd239bea640c412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 12:58:16 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:12 GMT
/
m.mixadvert.com/show/load/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5876&id_name=pkhbz&teaser_name=dKomiey&block_name=ldDbdq&ban_teaser=&r=0.7183503864990175&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.22603523465599284
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
9687c00072c5c0e774a3ffc7e82e1a615f043d56b2f9d3e9c8c6dfecfad3cc5f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
block_head.png
mixadvert.com/images/logo/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
/
dmg.digitaltarget.ru/2/ 		27 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmg.digitaltarget.ru/2/?a=850
Requested by
Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/match.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
cb2ceca31b227200f66a8c40c58623193dbb8dc5610ebfaed5920a0d9b323fdd

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://newsyou.info
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type
/
ybej5ohp0x.ru/v4/show/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ybej5ohp0x.ru/v4/show/?c88549c8-e68e-427d-9340-ac2d71c64d7c=0&494ce6c=1600;1200&59eaf8c=%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%D0%B8%20%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82%20%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8%20%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%20%D1%81%20%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D0%BC%D0%B8%20(%D0%A4%D0%9E%D0%A2%D0%9E)&cbbec5=0&bene-bahidegozinuwojalude=6944;610;175;17177&xunexesiku-goguhagatuyedu=49959;610;175;17522&denehuvawu-joyurufazovilo=48184;610;175;19373&cuvos-inunoqamixopuzatafu=12512;300;805;679&himoyad-iwemotutizewofuqu=8032;300;805;697&zevoxuduj-icuwarugezeyuqa=6993;300;805;2600
Requested by
Host: ybej5ohp0x.ru
URL: https://ybej5ohp0x.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
96f92bb1fd9b43f3470e66604d3371aa24bb099eff812dbbd9cc35fe711ab2c3

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-adsbid-request
59485eff6782a505c70735dea97458ae
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
server
nginx/1.18.0
/
m.mixadvert.com/show/ Frame DCC3 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7879
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
92d07b6cd9ea5bb430c873f33df1e58ea20fa484b2874d82b7022f22fa784e59
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame DCC3 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=https%3A%2F%2Fnewsyou.info%2F&0.8069580759960533
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
682ffe96d9ea2ce39f121fa5158b12f434eecd712d301db2f1747196f8972b1e

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
integrator.js
adservice.google.nl/adsid/ Frame 6216 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=newsyou.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6216 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6216 		31 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3568711555965214&correlator=2721891390141216&output=ldjh&impl=fifs&eid=21068529%2C21068601%2C31060348&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=21671350435%2C728x90-newsyou.info&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&cdm=newsyou.info&bc=31&abxe=1&lmt=1614865272&dt=1614865272472&dlt=1614865271744&idt=712&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=175&adys=18033&adks=3183105621&ucis=3yqgbwro0y69&ifi=1&ifk=1054812728&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&top=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1941399221&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
fa4e5eaff8030b336a414c7ceb3633873a63ed9963ca40cb40851e292c358684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11406
x-xss-protection
0
google-lineitem-id
5274402841
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138300733128
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newsyou.info
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3a6abf2073eefe788fd8f678a351018c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3a6abf2073eefe788fd8f678a351018c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
utarget.ru/is_clickunder/ 		16 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/is_clickunder/
Requested by
Host: utarget.ru
URL: https://utarget.ru/ranging/00cb2399e4/js/?rand=9927&cookie=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software
nginx /
Resource Hash
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Vary
Cookie, Accept-Language
Content-Language
ru
gnezdo_logo.png
news.gnezdo.ru/src/ Frame F68A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/src/gnezdo_logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
7dd273fa5e1dd18e0362e35f68917c499abd326015b5d93b8e118e343159f939

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Last-Modified
Mon, 08 Jul 2019 04:50:37 GMT
Server
nginx/1.10.3
ETag
"5d22cb9d-c54"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3156
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1078317_16d75922f8.jpg
zn2.2xclick.ru/img/180x180/317/ Frame F68A 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/317/1078317_16d75922f8.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b8c9221a038c12c40b0e638f7d43c5cb5ad37fabc27d5481f9a9c299ecda6345

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Thu, 25 Feb 2021 14:52:29 GMT
server
nginx
etag
"6037b9ad-1d3f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7487
expires
Thu, 31 Dec 2037 23:55:55 GMT
1079426_aa2e14e1cd.jpg
zn2.2xclick.ru/img/180x180/426/ Frame F68A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/426/1079426_aa2e14e1cd.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b96e3463e657d1915ec693eaff27a79892ea150ce147b5bd781a2e9606e1ac5a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Sun, 28 Feb 2021 07:06:31 GMT
server
nginx
etag
"603b40f7-239e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
9118
expires
Thu, 31 Dec 2037 23:55:55 GMT
1077320_d985a2f0ad.jpg
zn2.2xclick.ru/img/180x180/320/ Frame F68A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/320/1077320_d985a2f0ad.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
5a598ced72ebc59626d54581f85a15a1ee6a38d20774bf7da067963e9939469f

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Wed, 24 Feb 2021 11:35:14 GMT
server
nginx
etag
"603639f2-3113"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
12563
expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel.gif
sync.1dmp.io/
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==
  • https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==&cs=1
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==&cs=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==&cs=1
date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
0100007F78E340605004F924025E335E
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=XV9kdWBA43ddpjc0BR_YAg==
  • https://www.acint.net/rmatch?r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2FSape-dsp%2F$%7BUSER_ID%7D&dp=144&tc=1&euid=XV9kdWBA43ddpjc0BR_YAg%3D%3D
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Ffcgi4.gnezdo.ru%252Fcookie_matching_ssp%252FSape-dsp%252F$%257BUSER_ID%...
  • https://acint.net/rmatch?dp=14&euid=0100007F79E340601500AA5302059303&r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2FSape-dsp%2F$%7BUSER_ID%7D
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78E340605004F924025E335E
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78E340605004F924025E335E
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78E340605004F924025E335E
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&XV9kdWBA43ddpjc0BR_YAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
105
x-xss-protection
1; mode=block
expires
-1
Aub0M5bFBhZQU1drvNCaPbQ
fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=XV9kdWBA43ddpjc0BR_YAg==
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=XV9kdWBA43ddpjc0BR_YAg==&tuid=-4450284218
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/Aub0M5bFBhZQU1drvNCaPbQ
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/Aub0M5bFBhZQU1drvNCaPbQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:12 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/Aub0M5bFBhZQU1drvNCaPbQ
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
1b4ed333-7a8e-523f-a462-45a5c422a6dd
fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=XV9kdWBA43ddpjc0BR_YAg==
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=XV9kdWBA43ddpjc0BR_YAg%3D%3D&crf=1
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/1b4ed333-7a8e-523f-a462-45a5c422a6dd
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/1b4ed333-7a8e-523f-a462-45a5c422a6dd
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/1b4ed333-7a8e-523f-a462-45a5c422a6dd
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
BdbgOg5huBOO49bLb9uf
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-est/
Redirect Chain
  • https://s.uuidksinc.net/match/455/XV9kdWBA43ddpjc0BR_YAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-est/BdbgOg5huBOO49bLb9uf
43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-est/BdbgOg5huBOO49bLb9uf
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx/1.19.0
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-est/BdbgOg5huBOO49bLb9uf
access-control-allow-headers
Content-Type
content-length
0
GxgEzlAt7USk2Pzcqp20
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/
Redirect Chain
  • https://s.uuidksinc.net/match/388/XV9kdWBA43ddpjc0BR_YAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/GxgEzlAt7USk2Pzcqp20
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/GxgEzlAt7USk2Pzcqp20
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx/1.19.0
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/GxgEzlAt7USk2Pzcqp20
access-control-allow-headers
Content-Type
content-length
0
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&tizer_id=13977&r=0.21691797904777355
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx
content-type
image/gif; charset=windows-1251
css2
fonts.googleapis.com/ 		6 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35eb752a28e1c8a5f58c50b67ec0dc7fcb761c3fd3cce4d44ec899185d2b8bc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:24:16 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:12 GMT
css2
fonts.googleapis.com/ 		5 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbec66b49e7f4d4ea2810e1cf8f8f8faae1a2262d3bc51ea62fa7768270b4903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:34:49 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:12 GMT
pxl.jpg
theroswaf.com/ 		597 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theroswaf.com/pxl.jpg?i=h467k7ui0zapfqk8qs&s=513&p=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&rstk=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&h=7577191614865272527
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-82.fra50.r.cloudfront.net
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-length
597
x-amz-cf-id
h6uz2cUtndUbKNqgLJ5YNsdNsi-Ir9e6kD6MpmeaxTFjpiGsiUVm8g==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13978&f=2&ref=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&gw=300&gh=0&gaid=0&gtvm=&ids=0
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
3772a41d7e6ba1d22c444cb68f28e1e42169870238470b22c2ce632d781a10ed

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
adview
googleads.g.doubleclick.net/pagead/ Frame E173 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYqZUd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEhQJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIZPbNCURkZs8ccZU1Ya_4y80gSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi01OTk0Njk3MDI4MzgwNjA5&sigh=VIkPsXbR7ak&tpd=AGWhJmsWOEEBkOeCLm4mQeJXYMk5WUfHOFmTeVD78b3V9hkf_HCg3bTtq8dvfRXIU1y81mRg3STbN2Fb_GRtuYX1PPjnXkGOPUbhM6SpYpvyGZxSFCfjcCUXMJilswEhCJY7TG0eP5Ms-z7ivpHLxyd32s5HYUsNcad47lun0cDDLTC8qk5S9ICW7t6AueN1oqt4zZo3znEP-zhf8aPkvMenZMVvstAQ3z9E13WwecmojicFT53wZIs9-WQpc2bdd66VIAazD7Mdw9kUHQmYNYBLEKq10Pxl6SoiCF7u39ITiCwNj0F2phIAXMwkNU1LNx9J4psY5z8se6i_SqzEZbK-he6iGgM-0RwZMPdfjAm_fx-m_Bh4jaSwefdePL4kt_xSmux9-ro01XEjlqoiJoS7_ekie76mXtZfDMGabUSZ5btgw-KZ3agk3bYbpI9m3fj3Rq_nAu3_2PoEcbjO2IX-KXM9jb-JdFu1xT-iLarXGu4zjrJ_yhmHvKvG3GZkJOS_B9CxoiY1GZX35IiMauEhFoMSEfyPo2vw54n7AW4eOf7MQ0M8Luo4m-rDfyUsiVWfMVwMpupHVc1s4RIwLfsgknA1PoqMTnRtY1Nc9GqJiX2OeCI0hijDcnRIhDYB3NDV8F12BRB7Ah857BckhAu-80l0cUXUpPwmxvNHFJwb7A-uGrBppsZMcIsV-rIuLWjp_AG4AlhIaWEgUXGDq6t_2bTAZFU5AuGrrBHC_xXZN5oKXazObM9UozIxklSlkixGZVawptaFwMPN71Wdb6pq5xPXoQKfh4OBfo8M_-CtWfOSaDzCIFy4qd9IB7RH_DIX0HTfuhw19Irfv16SGuWqg3UkOpBSSPRGWyV636iiMrLxFwc_zqipi51XwFRxPTaU9VxQLJE1rsi32gkD40g9KUlA3FQTIMkGGgvYgMaJ04ag3GllO8cE-FYVojm_-v9HNWfRKbzcVQtM4cjJbHkxzyd0Zj6BfUYzqOsI4kB9_qWjbo4EnS6emvOqHdVjb_qdrHjl2PHbDpUlTxLs2Gz3nPPfa_0
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 04 Mar 2021 13:41:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame E173 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOaE9UVXpOakF0T1Roak5TMDVaakE1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxOTQ1MjU1NTYyNDA1MjU0MzEvNjYyMjMyOC80NTYyMzA2LzQvQ3poeHJlWGRXMFB6d1NtSXVQZ1k0SHpvSU5BOG5IYTF6Qk9oYkU0SjJkVS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTk0NTI1NTU2MjQwNTI1NDMxL3pyaC8wLzg1NS82MS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYxNDg2NTI3MS8xNjE0ODc3ODcxLzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/BcvZUhGGf3Wfv3NFZFSK4VYH8rQ&nodeid=232&group=eu&auctionid=4194525556240525431&sid=4562306&cid=6622328&bp=a_biabic&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.193.2 /
Resource Hash
2bfd0314c1c21fe72f3c30f4654580d840d34c5c733dcf6fd91fd36e94044c68

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1614865271
Last-Modified
Thu, 04 Mar 2021 13:41:11 GMT
Server
MMBD/3.193.2
x-mm-latency
1 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x73, zrh-bidder-x29
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Thu, 04 Mar 2021 13:41:11 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame E173 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 13:40:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E173 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame E173 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 13:39:53 GMT
jsunit
a4p.adpartner.pro/ Frame 49A4 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2501&ref=&session_id=88431b39-e266-42b8-b900-80baaae6c627&session_pageview=1&site_visited=1&unit_id=2501
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2501&unit_id=2501&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
eb7665cb23c8e60f134135531709066e420c5a972f605ae6b6ebfcfc9d812315

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=2501&unit_id=2501&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 04 Mar 2021 13:41:12 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
44453875
mc.yandex.ru/watch/ 		186 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj6265%3Afp%3A1411%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A645298043765%3Ahid%3A405051664%3Az%3A60%3Ai%3A20210304144112%3Aet%3A1614865273%3Ac%3A1%3Arn%3A865565668%3Au%3A1614865273207008336%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614865269752%3Awv%3A2%3Ads%3A0%2C166%2C651%2C5%2C0%2C0%2C%2C1407%2C19%2C%2C%2C%2C2346%3Adsn%3A0%2C165%2C652%2C5%2C0%2C0%2C%2C1406%2C19%2C%2C%2C%2C2346%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614865273%3At%3A%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%D0%B8%20%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82%20%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8%20%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%20%D1%81%20%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D0%BC%D0%B8%20(%D0%A4%D0%9E%D0%A2%D0%9E)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
58bf12ce1dc9898449302ca8eb232f316d8c162382cfdf8260dda43021d6283c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 04-Mar-2021 13:41:12 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Thu, 04-Mar-2021 13:41:12 GMT
pubads_impl_2021030201.js
securepubads.g.doubleclick.net/gpt/ Frame 1C6A 		282 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 09:37:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101677
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:12 GMT
css
fonts.googleapis.com/ Frame 9625 		6 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:21:23 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:12 GMT
gnezdo_logo.png
news.gnezdo.ru/src/ Frame 70F1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/src/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
7dd273fa5e1dd18e0362e35f68917c499abd326015b5d93b8e118e343159f939

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Last-Modified
Mon, 08 Jul 2019 04:50:37 GMT
Server
nginx/1.10.3
ETag
"5d22cb9d-c54"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3156
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1082710_dfb8d0efdf.jpg
zn2.2xclick.ru/img/400x400/710/ Frame 70F1 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/400x400/710/1082710_dfb8d0efdf.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f444f7011ceb3681141d2a61989035bcbd67d05461f549f92996733527d7ba92

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Thu, 04 Mar 2021 10:47:57 GMT
server
nginx
etag
"6040badd-cba3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
52131
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&tizer_id=13978&r=0.14619087621184113
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx
content-type
image/gif; charset=windows-1251
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=21780&f=2&ref=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&gw=300&gh=0&gaid=0&gtvm=&ids=0
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
5ed5cb32c4b81e92f5413c684e6e5bc5823463788cf7f0a041b7ef238fa4dc5b

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
advert.gif
mc.yandex.ru/metrika/ 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Sat, 20 Feb 2021 13:25:23 GMT
etag
"603cae04-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 04 Mar 2021 14:41:12 GMT
XHcEUCFl-720.jpg
video-native.mgid.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-native.mgid.com/XHcEUCFl-720.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Tue, 02 Apr 2019 14:58:39 GMT
server
nginx
etag
"202c-5858d5f4d012f"
x-cached-since
2020-11-05T13:25:25+00:00
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
8236
x-vhost-ver
3787631609560122666
expires
Fri, 05 Nov 2021 13:25:25 GMT
material.ttf
video-native.mgid.com/mgPlayer/fonts/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/fonts/material.ttf
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
51f9a30cd2c9154738d08001bd13be571efa67dcb91a2a94a458af3b712c0599

Request headers

Origin
https://newsyou.info
Referer
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Thu, 12 Sep 2019 12:54:14 GMT
server
nginx
etag
"1248-5925aa28273f8"
x-cached-since
2020-11-05T13:29:36+00:00
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
4680
x-vhost-ver
3787631609560122666
expires
Fri, 05 Nov 2021 13:29:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9E6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQhCrPNQh5Z3f847-LQ26PckeqcB4ukG1UrRQ0foIslG5b8B7IGPHPzoLZ3uwMHn0561klTFGcy36bTceH0rGRQHwlzbz3If7vSSBrhIz1NCpJqI99KmoRiycJe780oVylFFlPLFnQWyFxQQA3smFYiIEdvzRzY1yopHbhzTG4at9igY5iusAaRRbrR8-A60jkbA8jAz91udFINj0D5cKbxdSsc4ZQIT7A0cDP9aS_CWBkt58Ic_0wea-frCSS_mszXNt6o8GWofoagHxVb0ScfroDVGMC6DPJNRi8nlwqQKu3Q0k&sig=Cg0ArKJSzISup9jlDTxBEAE&adurl=
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/ Frame 9E6B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dba8373b77d5f4fe9610ef894b1f473168b17582506353d3d88939277b271a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:38:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
16808423653712541117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 13:38:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 9E6B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 13:40:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9E6B 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:12 GMT
l
www.google.com/ads/measurement/ Frame 9E6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl90yvn9dTm9492tt_QADzuz2KairZq2vKz8MvG9gXT_vdA63nZj15xcHl_c3U9DrLWITOmyimdotYtUj2EMRHW2wFEQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
3181831729314583294
tpc.googlesyndication.com/simgad/ Frame 9E6B 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3181831729314583294
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb6d86692cd6763ea425040ea01f9db1af7d9afc3831d9d7befce4cd766a67b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:48:15 GMT
x-content-type-options
nosniff
age
550377
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53072
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 10:50:35 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 04:48:15 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 6216 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6216 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b2bd6b1647ff3cf2c25a20397af6d3319e619b613d795d58795fd59fbe7434d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6604
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame C9AA 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179259
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 9625 		2 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 13:39:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/ Frame 9625 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dba8373b77d5f4fe9610ef894b1f473168b17582506353d3d88939277b271a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:38:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
16808423653712541117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 13:38:22 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 9625 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 13:40:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9625 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 9625 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 13:39:53 GMT
l
www.google.com/ads/measurement/ Frame 9625 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrPb5RNzTcuo6sehDrICMekheZa3hEa2wyT9dlJBgvNnW7KoQ-gL2epqLxxexBSvvDEZd8p18TDGyu8ZrQTe7D_fwE5Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame 9625 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 05:48:51 GMT
server
sffe
age
457496
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Fri, 28 May 2021 06:36:16 GMT
783.js
jsn.24smi.net/b/0/14482/ 		53 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/b/0/14482/783.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
45c0168e6d5e223b47ec19097dd01fcc1ef8be8be262ff5c9801766071d75b2a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:12 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:40:24 GMT
server
nginx
etag
W/"6040e348-d568"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
max-age=3600
expires
Thu, 04 Mar 2021 14:41:12 GMT
css
fonts.googleapis.com/ 		3 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto|PT+Sans
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e08033b820c3d22c09dc67f3e10abe8ed405675a18409a4aa63397e62df07c49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:41:12 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:12 GMT
d0b602462a343806.jpeg
dkrbus.com/.cdn/05a5cf/a2ef40/82d6a09aabe84bf88b32d69d0575b7eb/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkrbus.com/.cdn/05a5cf/a2ef40/82d6a09aabe84bf88b32d69d0575b7eb/d0b602462a343806.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
db7f81715ded59dae908823eb3e055732aa245d8a2f10a6b9d9c025b11f58f76

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 10 Feb 2021 22:48:03 GMT
server
nginx/1.14.2
etag
"602462a3-48af"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
18607
KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:30:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:10 GMT
server
sffe
age
339017
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6824
x-xss-protection
0
expires
Mon, 28 Feb 2022 15:30:55 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13034184115323807884/ Frame 9625 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13034184115323807884/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa6d3593be0bcd2048e99fefe61b616be8c948e3ed4b0afa077f4a4e24e89d31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:20:04 GMT
x-content-type-options
nosniff
age
530468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15687
x-xss-protection
0
last-modified
Wed, 17 Feb 2021 16:59:12 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 10:20:04 GMT
truncated
/ Frame 9625 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=52ff0dba-a782-400f-abe8-df93e6b2b32f
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=52ff0dba-a782-400f-abe8-df93e6b2b32f
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid
5b96e752-742d-4876-b1c8-bd3f2a4a231e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab85542a090c85-AMS
content-type
image/gif
cf-request-id
089f11a89c00000c854f384000000001
server
cloudflare
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=52ff0dba-a782-400f-abe8-df93e6b2b32f
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid
f0ace333-afda-4489-97ae-381501cf09de
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab85542a0e0c85-AMS
content-type
image/gif
cf-request-id
089f11a89c00000c8538999000000001
server
cloudflare
52ff0dba-a782-400f-abe8-df93e6b2b32f
s.uuidksinc.net/match/272/ 		0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/52ff0dba-a782-400f-abe8-df93e6b2b32f
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx/1.19.0
access-control-allow-headers
Content-Type
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://recreativ.ru/mtch/31/52ff0dba-a782-400f-abe8-df93e6b2b32f
  • https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=60320519184
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=60320519184
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=60320519184
hn
b12
date
Thu, 04 Mar 2021 13:41:12 GMT
server
nginx
content-type
text/html; charset=UTF-8
pix
dsp-trk.eskimi.com/ 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=52ff0dba-a782-400f-abe8-df93e6b2b32f
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.160 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:24 GMT
server
nginx
x-backend-id
f21-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:23 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f21-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=A7282016-03BE-4B43-9ECF-81872F01C61C&id=52ff0dba-a782-400f-abe8-df93e6b2b32f
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=1c6627c8475e45e6becc7c81d750a0a9
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=1c6627c8475e45e6becc7c81d750a0a9
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:13 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Thu, 04 Mar 2021 13:41:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=1c6627c8475e45e6becc7c81d750a0a9
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=52ff0dba-a782-400f-abe8-df93e6b2b32f
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
123
x-xss-protection
1; mode=block
expires
-1
usync.js
eus.rubiconproject.com/ Frame 0995 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1dcacffd5056e8521c39d12085fe6a73b310f80bd764e77e067ff15b49a715d3

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26242
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Thu, 04 Mar 2021 20:58:34 GMT
XHcEUCFl-26327326.mp4
video-native.mgid.com/ 		18 KB
18 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/XHcEUCFl-26327326.mp4
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
761b309e550425464d627968eee8c2fc2e1b2268a7729ce004f75b75e196ad06

Request headers

Referer
https://newsyou.info/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc31
date
Thu, 04 Mar 2021 13:41:12 GMT
last-modified
Tue, 02 Apr 2019 14:58:45 GMT
server
nginx
access-control-allow-origin
*
etag
"4959-5858d5fa3b555"
x-cached-since
2020-11-05T13:25:26+00:00
content-type
video/mp4
Content-Range
bytes 0-18776/18777
cache-control
max-age=290304000, public
cache
HIT
Content-Length
18777
x-vhost-ver
3787631609560122666
expires
Fri, 05 Nov 2021 13:25:26 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame EC23 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:184::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzUaSPhANsryb_rbI1PkUu-Ius70zssgT8xaYez98wiXn3nIRQKiGmhH6n-KkTskj32WeAn2eKbsG_MRp0NiDs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95778
last-modified
Wed, 24 Feb 2021 08:53:38 GMT
server
UploadServer
etag
"06ac451dcb93e2560f9563c8286b920c"
vary
Accept-Encoding
x-goog-hash
crc32c=8jEwgw==, md5=BqxFHcuT4lYPlWPIKGuSDA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156818658566
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95778
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 04 Mar 2021 13:46:13 GMT
d03602462a48c3ec.jpeg
dkrbus.com/.cdn/05a5cf/a2ef40/82d6a09aabe84bf88b32d69d0575b7eb/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkrbus.com/.cdn/05a5cf/a2ef40/82d6a09aabe84bf88b32d69d0575b7eb/d03602462a48c3ec.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5971c69a6dd6c49114f2eb9847cc9e8bdbb4ea9a5918b6a8580750a780bc9016

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 10 Feb 2021 22:48:04 GMT
server
nginx/1.14.2
etag
"602462a4-3eb6"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
16054
jquery_1_7_2.js
m.mixadvert.com/show/application/js/ Frame DCC3 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/application/js/jquery_1_7_2.js
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 /
Resource Hash
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Mon, 17 Oct 2016 18:47:41 GMT
server
nginx/1.12.0
etag
"58051ccd-17278"
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
94840
expires
Thu, 31 Dec 2037 23:55:55 GMT
h78o6ojw9z7r
hal9000.redintelligence.net/zone/ Frame E173 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=4194525556240525431&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4194525556240525431%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D59a56040-e378-4901-8a9f-b30c76f1aa1b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
00983f224dff6380e7ac091460c0a4efa3e1a98681e77586bbbdf44cec7be83a

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3424
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame E173 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=4194525556240525431&node_id=232&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOaE9UVXpOakF0T1Roak5TMDVaakE1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxOTQ1MjU1NTYyNDA1MjU0MzEvNjYyMjMyOC80NTYyMzA2LzQvQ3poeHJlWGRXMFB6d1NtSXVQZ1k0SHpvSU5BOG5IYTF6Qk9oYkU0SjJkVS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTk0NTI1NTU2MjQwNTI1NDMxL3pyaC8wLzg1NS82MS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYxNDg2NTI3MS8xNjE0ODc3ODcxLzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/BcvZUhGGf3Wfv3NFZFSK4VYH8rQ&nodeid=232&group=eu&auctionid=4194525556240525431&sid=4562306&cid=6622328&bp=a_biabic&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.193.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:14 GMT
Server
MMBD/3.193.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x74, zrh-bidder-x29
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 04 Mar 2021 13:41:13 GMT
img
pixel.mathtag.com/event/ Frame E173 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4194525556240525431&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOaE9UVXpOakF0T1Roak5TMDVaakE1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxOTQ1MjU1NTYyNDA1MjU0MzEvNjYyMjMyOC80NTYyMzA2LzQvQ3poeHJlWGRXMFB6d1NtSXVQZ1k0SHpvSU5BOG5IYTF6Qk9oYkU0SjJkVS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTk0NTI1NTU2MjQwNTI1NDMxL3pyaC8wLzg1NS82MS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYxNDg2NTI3MS8xNjE0ODc3ODcxLzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/BcvZUhGGf3Wfv3NFZFSK4VYH8rQ&nodeid=232&group=eu&auctionid=4194525556240525431&sid=4562306&cid=6622328&bp=a_biabic&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3518 2f03077 master cdg-pixel-x2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:14 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:12 GMT
img
tags.mathtag.com/event/ Frame E173 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4194525556240525431&st=4562306&time=1614865272&nodeid=232
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOaE9UVXpOakF0T1Roak5TMDVaakE1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxOTQ1MjU1NTYyNDA1MjU0MzEvNjYyMjMyOC80NTYyMzA2LzQvQ3poeHJlWGRXMFB6d1NtSXVQZ1k0SHpvSU5BOG5IYTF6Qk9oYkU0SjJkVS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTk0NTI1NTU2MjQwNTI1NDMxL3pyaC8wLzg1NS82MS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYxNDg2NTI3MS8xNjE0ODc3ODcxLzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/BcvZUhGGf3Wfv3NFZFSK4VYH8rQ&nodeid=232&group=eu&auctionid=4194525556240525431&sid=4562306&cid=6622328&bp=a_biabic&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.193.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:14 GMT
Server
MMBD/3.193.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x79, zrh-bidder-x29
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 04 Mar 2021 13:41:13 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 0F41 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
gnezdo_logo.png
news.gnezdo.ru/src/ Frame 7557 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/src/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
7dd273fa5e1dd18e0362e35f68917c499abd326015b5d93b8e118e343159f939

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:13 GMT
Last-Modified
Mon, 08 Jul 2019 04:50:37 GMT
Server
nginx/1.10.3
ETag
"5d22cb9d-c54"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3156
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel.gif
sync.1dmp.io/ 		35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0
1082705_e138b74e55.jpg
zn2.gnezdo.ru/img/400x400/705/ Frame 7557 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.ru/img/400x400/705/1082705_e138b74e55.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
651860a50c17c8fd1c3632d4b18fddcb8338d3605abd36802ad94ca367657190

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 04 Mar 2021 10:44:18 GMT
server
nginx
etag
"6040ba02-69c7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
27079
expires
Thu, 31 Dec 2037 23:55:55 GMT
1081813_a5199a289e.jpg
zn2.gnezdo.ru/img/400x400/813/ Frame 7557 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.ru/img/400x400/813/1081813_a5199a289e.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
40f390182d679f944c9c4887a31e0b35fc128416be5a02574f06135b4c12fed8

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 03 Mar 2021 10:44:22 GMT
server
nginx
etag
"603f6886-652b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
25899
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&tizer_id=21780&r=0.013919635283776266
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=windows-1251
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C9AA 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C9AA 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C9AA 		70 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271713
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16397
x-xss-protection
0
server
sffe
date
Mon, 01 Mar 2021 10:12:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2ccf127281514232"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 10:12:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C9AA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C9AA 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
css
fonts.googleapis.com/ Frame C9AA 		3 KB
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700,600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32c3fa6b85b800a4adf64056ab297376221f7683e4ea6d1571778345be600e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:41:13 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:13 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C9AA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 10:22:27 GMT
x-content-type-options
nosniff
server
cafe
age
11926
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 05 Mar 2021 10:22:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C9AA 		344 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
26491
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 05 Mar 2021 06:19:42 GMT
231dc55b820b51082ad4fa9182995aee.jpg
tpc.googlesyndication.com/sadbundle/18172369406814535347/media/ Frame C9AA 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18172369406814535347/media/231dc55b820b51082ad4fa9182995aee.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0704b2cad70f201f73457b23f394b2e493df57955338d76414017394a45742c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:29:03 GMT
x-content-type-options
nosniff
age
141130
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56662
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 13:04:21 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 22:29:03 GMT
622bb1718a4b7d1b5eb2e9a1e3b5027d.png
tpc.googlesyndication.com/sadbundle/18172369406814535347/media/ Frame C9AA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18172369406814535347/media/622bb1718a4b7d1b5eb2e9a1e3b5027d.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
126bac1a7b90ab24cd6d9476ad8c80994c7f21565a3111d5653bd0efdd6af726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 14:07:44 GMT
x-content-type-options
nosniff
age
603209
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3190
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 13:04:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 14:07:44 GMT
informer
data.24smi.net/ 		1 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1614865273&ptz=3600&pl=en-US&object=13267&template_id=1281&num=2&ref=&output=json&chash=yPSD5GSLlx&subidhasrefresh=hasrefresh_1&extids=&callback=__smiCb1614865271263
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
63f537c8f74c24ebe5c3069ae23893ac3a590a5ce2cb13dbde174d24251d3b77
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
adview
googleads.g.doubleclick.net/pagead/ Frame 9625 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBiuJeONAYL_kA8yd1wae3r6YA7Hh5_hfqLSd_8sN5s_rxIUbEAEguJ7iI2CVAqAB9qzLwQPIAQmpApDMhq9uMLQ-qAMByAPLBKoEkQJP0JPpw0iZln86ppR_Qrd8a-qUK5cdDA6gA53xaL3pRF7vYnC8_pCyP3I9CEo_jZxnikHG5hPHUEQV1mhkeETQuIHXNCZ_zzqPmUaWSD1-ceIOpew7Wlph-dkD54jkHG2mmFxXSmPzfK9bK9RNsHVis6Beg9-JWegr_bJgIXdB-1Ejs5xATsIPkAlvSY2sEgLvCe0BaEHp1U7mRTiFLMqrdcsp8-69wK4ZkDl1othprK4K9HxCOCFzEcT8EsrGrMR6UX5XGdm4ua5cVip1DFtpYc5cqXvLCdI2bJ_aDXSLLBl_-Z08gqIDbBplN5vsONe0z_t25s4Ln246qHb5lvXK39tFq32ijx648sI5sWo7BqzABJul3cCtA6AGLoAHqZSeO6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDlwAHSCAkIgOGAEBABGB-ACgHICwHYEwOyFxoKGAgAEhRwdWItNTk5NDY5NzAyODM4MDYwOQ&sigh=0Xo_KjRobGA&template_id=5000&tpd=AGWhJmvqyYZVBxW7qwQ7v49LF2so_skavInHzRqcrBx0O0vKEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 04 Mar 2021 13:41:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ 		2 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:08:28 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:13 GMT
d0b601288180fe6a.jpeg
dkrbus.com/.cdn/05a5cf/96a3be/ceecaae3f4be4c4286145389bcc00a3d/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkrbus.com/.cdn/05a5cf/96a3be/ceecaae3f4be4c4286145389bcc00a3d/d0b601288180fe6a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b9c93abdf5c5bbefafc8b698715213d51fe502637e6744ca94c43091945b48d9

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 28 Jan 2021 09:47:04 GMT
server
nginx/1.14.2
etag
"60128818-7da5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
32165
d0b601d1edfa0a33.jpeg
dkrbus.com/.cdn/05a5cf/a2ef40/58c3d9a2801047a1b1e00210f677bbb4/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkrbus.com/.cdn/05a5cf/a2ef40/58c3d9a2801047a1b1e00210f677bbb4/d0b601d1edfa0a33.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
9c375af459e0d4b9af66e51d4512c4fd178251bbc19e365c83dde15f9c815778

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 05 Feb 2021 10:33:03 GMT
server
nginx/1.14.2
etag
"601d1edf-5bd1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
23505
7697084.jpg
cdn.directadvert.ru/cdn/images/400x400/84/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.directadvert.ru/cdn/images/400x400/84/7697084.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.161.16.136 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef0ec4c973888c72b60db22b13555433ff34f0f1424be80739634b146bea5076

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 24 Jun 2020 17:29:01 GMT
server
nginx/1.16.0
etag
"5ef38d5d-12b89"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
76681
expires
Sat, 03 Apr 2021 13:41:13 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=11188&f=2&ref=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&gw=613&gh=0&gaid=0&gtvm=&ids=0
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
69302d6a87a3cfac95af75c6711f93a61fa5ee11c6fc5ed5dc85724b4d3b500e

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
jsunit
a4p.adpartner.pro/ Frame DCC3 		26 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&unit_id=2489&session_pageview=1&session_id=88431b39-e266-42b8-b900-80baaae6c627&site_visited=1&ref=https%3A%2F%2Fnewsyou.info%2F&location=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=https%3A%2F%2Fnewsyou.info%2F&0.8069580759960533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
eac9800fad6a1d56431378fa97839c9a207ca32301bdd106858da6d2fef9f057

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 04 Mar 2021 13:41:13 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
data-enrichment
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/data-enrichment?href=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&title=%D0%A4%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%D0%B8%20%D0%B4%D0%B5%D0%BB%D0%B0%D0%B5%D1%82%20%D1%81%D0%BD%D0%B8%D0%BC%D0%BA%D0%B8%20%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%20%D1%81%20%D0%B8%D1%85%20%D0%B6%D0%B8%D0%B2%D0%BE%D1%82%D0%BD%D1%8B%D0%BC%D0%B8%20(%D0%A4%D0%9E%D0%A2%D0%9E)
Requested by
Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6216 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:13 GMT
if
a4p.adpartner.pro/tracker/ Frame BE70 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22e7ebd1bd-dfa6-4723-b956-5a719c615286%22%7D%5D%2C%22unit_id%22%3A6566%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22e7ebd1bd-dfa6-4723-b956-5a719c615286%22%7D%5D%2C%22unit_id%22%3A6566%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
newsyou.info_ref=; apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; apudmg=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:13 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 01BA 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22e7ebd1bd-dfa6-4723-b956-5a719c615286%22%7D%5D%2C%22unit_id%22%3A6566%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22e7ebd1bd-dfa6-4723-b956-5a719c615286%22%7D%5D%2C%22unit_id%22%3A6566%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
newsyou.info_ref=; apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; apudmg=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:13 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
medfont.ttf
ybej5ohp0x.ru/fonts/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ybej5ohp0x.ru/fonts/medfont.ttf
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3d827b9e8ca09855c5a0bc2edc63a6cf3ad994102a8f4db8aff0af440728fea1

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 19 Nov 2020 12:58:49 GMT
server
nginx/1.18.0
etag
"5fb66c09-ccf8"
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
application/octet-stream
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
52472
b5f3324c-8cb2-43c8-bd8d-c0822b95088a.jpg
vyd5aaalwd.ru/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/b5f3324c-8cb2-43c8-bd8d-c0822b95088a.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a42ffefc5947d2f3a158d429b6d23ff56ac5e247abe2965e1ed5ff40537d9f9c

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 24 Feb 2021 11:39:39 GMT
server
nginx/1.18.0
etag
"60363afb-399c"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
14748
expires
Thu, 31 Dec 2037 23:55:55 GMT
698159a2-c3ce-47c9-b07a-fb647d5e4f66.jpg
vyd5aaalwd.ru/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/698159a2-c3ce-47c9-b07a-fb647d5e4f66.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b3cee94413ff3913261cb4a859fdb3eb69586a429aa2ba02ffaf73543667371c

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 26 Feb 2021 14:20:50 GMT
server
nginx/1.18.0
etag
"603903c2-3159"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
12633
expires
Thu, 31 Dec 2037 23:55:55 GMT
23b5797b-efcc-49b9-be55-55ef4c4a3143.jpg
vyd5aaalwd.ru/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/23b5797b-efcc-49b9-be55-55ef4c4a3143.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f813391fcbcf84ed666e7a36ae6aba399385319e6ada331a56f72f6b4d117131

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Mon, 01 Mar 2021 13:22:58 GMT
server
nginx/1.18.0
etag
"603ceab2-3f98"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
16280
expires
Thu, 31 Dec 2037 23:55:55 GMT
833f46b4-9578-4a21-a5d1-4eb07dda2a5b.jpg
vyd5aaalwd.ru/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/833f46b4-9578-4a21-a5d1-4eb07dda2a5b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e8d1606ef8ea600088ce8ca1b2405ec3e59dafa17e01e520e54bb768535634df

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 19 Feb 2021 10:52:11 GMT
server
nginx/1.18.0
etag
"602f985b-2e9a"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
11930
expires
Thu, 31 Dec 2037 23:55:55 GMT
b5f3324c-8cb2-43c8-bd8d-c0822b95088a.jpg
vyd5aaalwd.ru/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/b5f3324c-8cb2-43c8-bd8d-c0822b95088a.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a42ffefc5947d2f3a158d429b6d23ff56ac5e247abe2965e1ed5ff40537d9f9c

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 24 Feb 2021 11:39:39 GMT
server
nginx/1.18.0
etag
"60363afb-399c"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
14748
expires
Thu, 31 Dec 2037 23:55:55 GMT
698159a2-c3ce-47c9-b07a-fb647d5e4f66.jpg
vyd5aaalwd.ru/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/698159a2-c3ce-47c9-b07a-fb647d5e4f66.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b3cee94413ff3913261cb4a859fdb3eb69586a429aa2ba02ffaf73543667371c

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 26 Feb 2021 14:20:50 GMT
server
nginx/1.18.0
etag
"603903c2-3159"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
12633
expires
Thu, 31 Dec 2037 23:55:55 GMT
dc354cbc-e04d-421f-88b4-aacdfe154034.jpg
vyd5aaalwd.ru/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/dc354cbc-e04d-421f-88b4-aacdfe154034.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
57c388103b9416016afc0b1f8f645f93b7f9afa03fc7e117e7d7ff783843d953

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 18 Feb 2021 10:01:02 GMT
server
nginx/1.18.0
etag
"602e3ade-54be"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
21694
expires
Thu, 31 Dec 2037 23:55:55 GMT
1d12f258-9e6e-4b7c-a422-a33b27ddabb5.jpg
vyd5aaalwd.ru/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/1d12f258-9e6e-4b7c-a422-a33b27ddabb5.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
02802963fc744cf9a4e963c1bde07455804d66cdbc99fe94d53e95c56f8e89a9

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 30 Oct 2020 13:58:37 GMT
server
nginx/1.18.0
etag
"5f9c1c0d-24bb"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
9403
expires
Thu, 31 Dec 2037 23:55:55 GMT
9ca4391d-71a9-4462-8ea7-703fa0082f2e.jpg
vyd5aaalwd.ru/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/9ca4391d-71a9-4462-8ea7-703fa0082f2e.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6574ad06263cc8a5614647610e22d3701583c52abaa35d7bafd37131a57ffd5f

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 30 Oct 2020 14:02:52 GMT
server
nginx/1.18.0
etag
"5f9c1d0c-41d3"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
16851
expires
Thu, 31 Dec 2037 23:55:55 GMT
e785f70e-1217-4c52-a258-44dce4cde366.jpg
vyd5aaalwd.ru/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/e785f70e-1217-4c52-a258-44dce4cde366.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
139e3708c90835225fe80a594957c569372f76dad997e12e4b690628e5c1a189

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 30 Oct 2020 13:17:53 GMT
server
nginx/1.18.0
etag
"5f9c1281-229c"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
8860
expires
Thu, 31 Dec 2037 23:55:55 GMT
e39c048d-2d3d-4710-a6c4-90b7806bcfdd.jpg
vyd5aaalwd.ru/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/e39c048d-2d3d-4710-a6c4-90b7806bcfdd.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9d42918c50455303066f1a56efd86f3b485b6deb9ea74061bab14721cd61fd53

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Sat, 20 Feb 2021 13:03:10 GMT
server
nginx/1.18.0
etag
"6031088e-3ae1"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
15073
expires
Thu, 31 Dec 2037 23:55:55 GMT
9d2f7a1e-7cb8-43e5-b4e2-238746a26d3b.jpg
vyd5aaalwd.ru/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/9d2f7a1e-7cb8-43e5-b4e2-238746a26d3b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3912f2ac59b2b72727d623cb105f7f44dbe98b962b9f010347fcc12e1fe24678

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 30 Oct 2020 13:47:17 GMT
server
nginx/1.18.0
etag
"5f9c1965-4d38"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
19768
expires
Thu, 31 Dec 2037 23:55:55 GMT
7f74a107-606c-431f-af75-8b3b404216dd.jpg
vyd5aaalwd.ru/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vyd5aaalwd.ru/images/7f74a107-606c-431f-af75-8b3b404216dd.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.155.38 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
df213200600a90d992d7471401155c3e546a0e21a110a09a94405b7b64cfcdb1

Request headers

Origin
https://newsyou.info
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 30 Oct 2020 13:59:14 GMT
server
nginx/1.18.0
etag
"5f9c1c32-21f4"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
8692
expires
Thu, 31 Dec 2037 23:55:55 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ Frame B37F 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=17974&f=2&ref=https%3A//newsyou.info/&gw=1200&gh=0&gaid=0&gtvm=&ids=0
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
127e107ec4653e38fbd1971b716b89c5f33d85ee1241521b86a36bc7b005cd6a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
/
m.mixadvert.com/show/load/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7881&id_name=mkiiz&teaser_name=hnEcHRz&block_name=AeDato&ban_teaser=&r=0.6757577468077025&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7881&r=0.6380288568359389
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
45ff43a5d97abbcace7bb5f8efe41486eafd9c8b3295891bc5b30d53e67de1c7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
css
fonts.googleapis.com/ 		3 KB
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto|PT+Serif
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
200a8bef77045b2d5b4243739312e84579bfddd817d18893d3b7055a47ec161d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:41:13 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:13 GMT
if
a4p.adpartner.pro/tracker/ Frame 014A 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22656d2eb9-af9b-462f-b888-70ff2c0286bc%22%7D%5D%2C%22unit_id%22%3A2490%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22656d2eb9-af9b-462f-b888-70ff2c0286bc%22%7D%5D%2C%22unit_id%22%3A2490%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
newsyou.info_ref=; apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; apudmg=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:13 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 0F41 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 0F41 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 0F41 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271713
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16397
x-xss-protection
0
server
sffe
date
Mon, 01 Mar 2021 10:12:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2ccf127281514232"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 10:12:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 0F41 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 0F41 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179260
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F41 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 10:22:27 GMT
x-content-type-options
nosniff
server
cafe
age
11926
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 05 Mar 2021 10:22:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F41 		344 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
26491
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 05 Mar 2021 06:19:42 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0F41 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNV8AeONAYJ6rDYmamLAPodmvmAvgntn1W6zL4K2PC_2T-J3_FhABILie4iNglQKgAZyL894CyAEJqQKQzIavbjC0PqgDAcgDCKoEmAJP0E1rri0M-4djSkMb_v9LVtVrqyOHRhfTZR1gch0499wfwXp1yuhsqik7_un3GaEe1SuAXzoJQwVNuutCkf1A0Ye9zdb7dntdb-JRzwocigXQTCKaumLBo3n7aMirbMx9SzC8eH9OmAstqrtA1yiKCBa8spBpkgsrPQV9WnD2r-d1ME4gEqGeuQVEUN2I4fNP7cWnWZbn_HsoKpBUsg736wW-OlGjwE6ZHASmEub98nIQE8SVU0dofjr7eGvbt9jNoleCUBu5sTq3HiMsNTJqAEVRJv52n8GdT9E_7qBnHjJOu6RxnM0TspSXfdY8I2Q_rvRyZXz_rXhCIZ4_npGBFmyrDAk3-5BEQhlxFWn2g9Hal-7jFUvrwATZtpOBlgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzPSMoQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQy8UF0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTU5OTQ2OTcwMjgzODA2MDk&sigh=uez4sD_EDrA&template_id=419&tpd=AGWhJmuCirSj6ArbgUrBlQ9xR9A929kn3O8SPuyBlJkP2T3q-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 04 Mar 2021 13:41:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
if
a4p.adpartner.pro/tracker/ Frame E0C4 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d5474493-3d1f-4a7a-933e-4ea80ff20524%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2234766dc2-7c64-4d1a-8134-c9f4675ac2bc%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2214e139f1-9808-4f75-8533-270303060402%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%220d59fa9a-8e6a-41eb-8926-e989b50d0cac%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22d5474493-3d1f-4a7a-933e-4ea80ff20524%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2234766dc2-7c64-4d1a-8134-c9f4675ac2bc%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2214e139f1-9808-4f75-8533-270303060402%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%220d59fa9a-8e6a-41eb-8926-e989b50d0cac%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
newsyou.info_ref=; apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; apudmg=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:13 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
truncated
/ Frame C9AA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f37800caa74d3d9cc272b5cb9ead64fd7977e3ccf64c5e8fb7d0015b518b61d8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v19/ Frame C9AA 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700,600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:43:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:51:07 GMT
server
sffe
age
457046
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42444
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:43:47 GMT
truncated
/ Frame 0F41 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fa734a457dae6111e2e4b2568fe29e3d98a592da51ef2464d57a463b6d11beb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
SZPlus_Logo.svg
tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ Frame 0F41 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/SZPlus_Logo.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a871c50b9af46203eac3c10ec31a5a4379c952d9941902e3a281ad62dd0ac7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262805
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1587
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 12:41:08 GMT
ipad.png
tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ Frame 0F41 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ipad.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b9fbd710193207493bc35f6c83d5654b021ff7f3348f558e04116d015f5f307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:04:06 GMT
x-content-type-options
nosniff
age
542227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18881
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 11:19:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 07:04:06 GMT
phone.png
tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ Frame 0F41 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/phone.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50c76d6daa447e6dbce93366c95f320be4a1280627fd2d00f7a677503c446477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 04:38:43 GMT
x-content-type-options
nosniff
age
32550
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10509
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 11:19:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 04:38:43 GMT
stoerer.svg
tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ Frame 0F41 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/stoerer.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e591865fbcb696016e24a45f756c814fcdf6a3c4baf62a1e005caabb43b2419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 23:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310388
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2438
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Feb 2022 23:28:05 GMT
text_01.svg
tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ Frame 0F41 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/text_01.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feb9084b15077bef34f89531e897347ac121c82a56bd68df1e72ce11747ebabc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 21:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577076
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3915
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 21:23:17 GMT
text_02.svg
tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ Frame 0F41 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/text_02.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aba15bc99e9d14033ad8c9c774652238f5d75bbab22981bb1cfd4428c6185e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 08:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
537570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2836
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 08:21:43 GMT
text_03.svg
tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ Frame 0F41 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/text_03.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02680a8a95da2d91109f85ba53de1145cd4f317e98fca1b069cf9f25bb93599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 23:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310388
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2292
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Feb 2022 23:28:05 GMT
button.svg
tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/ Frame 0F41 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3216351827468133254/300x250px/img/button.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ad749a129e808b621b31f7b9d5b5c0f435c14bf8b64a2452a13212a210fa90e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 10:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11550
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1289
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 10:28:43 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BB4B 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 03 Mar 2021 15:30:58 GMT
expires
Thu, 04 Mar 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
79815
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9E6B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2543fda2babd5d0ae13f9c422e25731fcd431bcc15d89ae0cf81ddf81cf05b37

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.nl/adsid/ Frame 1C6A 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=newsyou.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1C6A 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1C6A 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3713751079219583&correlator=258000960531531&output=ldjh&impl=fifs&eid=31060327&vrg=2021030201&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=21671350435%2C300x250-newsyou.info&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3Dd180bf9febf395e9%3AT%3D1614865271%3AS%3DALNI_Ma1gl2qnJBiFr--HYJCrNhhFiVj2Q&cdm=newsyou.info&bc=31&abxe=1&lmt=1614865273&dt=1614865273489&dlt=1614865272288&idt=1189&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1125&adys=3168&adks=2707217295&ucis=7yim44g1snw5&ifi=1&ifk=4137523581&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&top=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=629737997.1614865271&ga_sid=1614865273&ga_hid=420129067&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ffd790027e18ab64c431cfb4b75b12cc7bcb9531ac83cfffb1c69b04aba7ba24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4210
x-xss-protection
0
google-lineitem-id
5367617210
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138311189073
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newsyou.info
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f948bd9696d8d612fa1fb46b776024a4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1C6A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://f948bd9696d8d612fa1fb46b776024a4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 1C6A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
truncated
/ Frame 9625 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aeadea2f11e61dd4067640af64af5dfde3cfdcc624d108baa0374a94677568a1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
if
a4p.adpartner.pro/tracker/ Frame 9ADC 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224c9c6d66-5ddd-48e0-886d-66a7b078b1fd%22%7D%5D%2C%22unit_id%22%3A2501%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224c9c6d66-5ddd-48e0-886d-66a7b078b1fd%22%7D%5D%2C%22unit_id%22%3A2501%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
newsyou.info_ref=; apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; apudmg=1; buyeruid_13=60320519184
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:13 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
khaos.jpg
token.rubiconproject.com/ Frame 0995 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
view
securepubads.g.doubleclick.net/pcs/ Frame 9E6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZsj7V8ujprhbUdFlLbqwA4Ug13_yIrAIUpfY-E_OvW9NFEsOSIaCclhbADac5nO71iqv3GE8FJr_WTznHcQl-rZagU-lPxieetV_uu_Oot5LUKer2xdTOAFGpU0GV-9Na3-IUUbDLU4oFtsSRNPnaE55co-aHOcs4z4xsdKOQbl6L4MWmqVTnmy9FxWAImJs_MYNrRJPeSZ-njhJS4wCvDkf58TR5daKg4WESsZQTb2AeGTMiyktWp28Am9WNPxYlytbpTwH33-41sJvOaxsGObYJynKG2cg63ysfPY9E3hejLfs5oA&sig=Cg0ArKJSzE-T9b4j2MrSEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:13 GMT
/
ybej5ohp0x.ru/v4/buyout/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ybej5ohp0x.ru/v4/buyout/
Requested by
Host: ybej5ohp0x.ru
URL: https://ybej5ohp0x.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
gnezdo_logo.png
news.gnezdo.ru/src/ Frame 5D18 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/src/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
7dd273fa5e1dd18e0362e35f68917c499abd326015b5d93b8e118e343159f939

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:13 GMT
Last-Modified
Mon, 08 Jul 2019 04:50:37 GMT
Server
nginx/1.10.3
ETag
"5d22cb9d-c54"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3156
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel.gif
sync.1dmp.io/ 		35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0
1081818_9ace95c49c.jpg
zn2.2xclick.ru/img/180x180/818/ Frame 5D18 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/818/1081818_9ace95c49c.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c44588367b4e8a9c65210c0077285e3cdbc797fe4831cfbab4c8fb6e57f7cb46

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 03 Mar 2021 10:51:57 GMT
server
nginx
etag
"603f6a4d-2ec4"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
11972
expires
Thu, 31 Dec 2037 23:55:55 GMT
1078585_50a5fbcb0f.jpg
zn2.2xclick.ru/img/180x180/585/ Frame 5D18 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/585/1078585_50a5fbcb0f.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
986a772ee04e4f4961353eb91270006a1729e645b028414d3b510eb632eaaf89

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 26 Feb 2021 03:45:10 GMT
server
nginx
etag
"60386ec6-21f0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8688
expires
Thu, 31 Dec 2037 23:55:55 GMT
1078321_a2fe1fd8e2.jpg
zn2.2xclick.ru/img/180x180/321/ Frame 5D18 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/321/1078321_a2fe1fd8e2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
32d4666670243a82684d6ae313bf3a00ad38204df748990f9ebb300f7fce21c8

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 25 Feb 2021 14:55:54 GMT
server
nginx
etag
"6037ba7a-21e2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8674
expires
Thu, 31 Dec 2037 23:55:55 GMT
1078381_8e2d1e6a01.jpg
zn2.2xclick.ru/img/180x180/381/ Frame 5D18 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/381/1078381_8e2d1e6a01.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
15a39cc2f5aab0c67900301640d1578b9850bca519b61e1fd7845d72ce220386

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 03 Mar 2021 12:10:22 GMT
server
nginx
etag
"603f7cae-1f88"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8072
expires
Thu, 31 Dec 2037 23:55:55 GMT
1082057_4eae45236a.jpg
zn2.2xclick.ru/img/180x180/057/ Frame 5D18 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/057/1082057_4eae45236a.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
6a74f127df042eb9437b5fcdaa3291a20c1781f129e5a6a5ee646eae24d4345d

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 03 Mar 2021 15:47:11 GMT
server
nginx
etag
"603faf7f-178b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
6027
expires
Thu, 31 Dec 2037 23:55:55 GMT
1016293_b330dc2e3a.jpg
zn2.2xclick.ru/img/180x180/293/ Frame 5D18 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/180x180/293/1016293_b330dc2e3a.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
31151eb724c7fa7113078e63bcf9448da4e5769afdacc6c58771fb21e1ec7375

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 13 Nov 2020 06:55:22 GMT
server
nginx
etag
"5fae2dda-23d6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
9174
expires
Thu, 31 Dec 2037 23:55:55 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&XV9kdWBA43ddpjc0BR_YAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
118
x-xss-protection
1; mode=block
expires
-1
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&tizer_id=11188&r=0.11169102385144636
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=windows-1251
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9625 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
530527
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 26 Feb 2022 10:19:06 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9625 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:00:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
513632
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 26 Feb 2022 15:00:41 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9625 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
553355
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 03:58:38 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=10139&f=2&ref=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&gw=300&gh=0&gaid=0&gtvm=&ids=0
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b53cb7f18cd106fd3c2dcd6cbfac8df83c9b707995e2af2d159a0a4c7a95bbca

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
css
fonts.googleapis.com/ Frame DCC3 		2 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:13:53 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:13 GMT
1px-matching-adpartner.gif
t.trafmag.com/images/ Frame DCC3 		35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=52ff0dba-a782-400f-abe8-df93e6b2b32f
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/ Frame DCC3
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=52ff0dba-a782-400f-abe8-df93e6b2b32f
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid
1ad0aeb9-af79-469e-9546-65498bc59694
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab85588dfe0c85-AMS
content-type
image/gif
cf-request-id
089f11ab5900000c85eb33e000000001
server
cloudflare
match
a4p.adpartner.pro/ssp/ Frame DCC3
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=52ff0dba-a782-400f-abe8-df93e6b2b32f
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid
c7741760-f7af-4bd5-8e7a-22cc43e8901e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab85588e020c85-AMS
content-type
image/gif
cf-request-id
089f11ab5800000c850139b000000001
server
cloudflare
match
a4p.adpartner.pro/ssp/ Frame DCC3
Redirect Chain
  • https://recreativ.ru/mtch/31/52ff0dba-a782-400f-abe8-df93e6b2b32f
  • https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=60320519184
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=60320519184
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=60320519184
hn
b24
date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
text/html; charset=UTF-8
pix
dsp-trk.eskimi.com/ Frame DCC3 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=52ff0dba-a782-400f-abe8-df93e6b2b32f
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/ Frame DCC3 		49 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.160 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:24 GMT
server
nginx
x-backend-id
f21-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/ Frame DCC3
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=A7282016-03BE-4B43-9ECF-81872F01C61C&id=52ff0dba-a782-400f-abe8-df93e6b2b32f
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MWM2NjI3Yzg0NzVlNDVlNmJlY2M3YzgxZDc1MGEwYTk&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEDCiRF5AaHi1QCJv6t3Uu2M&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=83397a06be544fdba09796f6f3a1a586
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=83397a06be544fdba09796f6f3a1a586
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:14 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Thu, 04 Mar 2021 13:41:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=83397a06be544fdba09796f6f3a1a586
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
d0b5fed9e17c7844.jpeg
dkrbus.com/.cdn/7b7a53/c20ad4/75f38423b2fa4284a84ed3246b3a8031/ Frame DCC3 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkrbus.com/.cdn/7b7a53/c20ad4/75f38423b2fa4284a84ed3246b3a8031/d0b5fed9e17c7844.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
bf37f70cd205d5d7b963c3dc4678662d546ddb454000abdc0b35f8860a9177b3

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 31 Dec 2020 09:47:03 GMT
server
nginx/1.14.2
etag
"5fed9e17-531c"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
21276
d0b601288180fe6a.jpeg
dkrbus.com/.cdn/05a5cf/96a3be/ceecaae3f4be4c4286145389bcc00a3d/ Frame DCC3 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkrbus.com/.cdn/05a5cf/96a3be/ceecaae3f4be4c4286145389bcc00a3d/d0b601288180fe6a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b9c93abdf5c5bbefafc8b698715213d51fe502637e6744ca94c43091945b48d9

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 28 Jan 2021 09:47:04 GMT
server
nginx/1.14.2
etag
"60128818-7da5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
32165
d0b602462a343806.jpeg
dkrbus.com/.cdn/05a5cf/a2ef40/82d6a09aabe84bf88b32d69d0575b7eb/ Frame DCC3 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkrbus.com/.cdn/05a5cf/a2ef40/82d6a09aabe84bf88b32d69d0575b7eb/d0b602462a343806.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
db7f81715ded59dae908823eb3e055732aa245d8a2f10a6b9d9c025b11f58f76

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 10 Feb 2021 22:48:03 GMT
server
nginx/1.14.2
etag
"602462a3-48af"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
18607
7697084.jpg
cdn.directadvert.ru/cdn/images/400x400/84/ Frame DCC3 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.directadvert.ru/cdn/images/400x400/84/7697084.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.161.16.136 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef0ec4c973888c72b60db22b13555433ff34f0f1424be80739634b146bea5076

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 24 Jun 2020 17:29:01 GMT
server
nginx/1.16.0
etag
"5ef38d5d-12b89"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
76681
expires
Sat, 03 Apr 2021 13:41:13 GMT
52ff0dba-a782-400f-abe8-df93e6b2b32f
s.uuidksinc.net/match/272/ Frame DCC3 		0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/52ff0dba-a782-400f-abe8-df93e6b2b32f
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx/1.19.0
access-control-allow-headers
Content-Type
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
match
dm.hybrid.ai/ Frame DCC3 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=52ff0dba-a782-400f-abe8-df93e6b2b32f
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
124
x-xss-protection
1; mode=block
expires
-1
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=newsyou.info&sn=&cd1=desktop&cd2=0&cd3=native&cd4=346316&cd5=48555bef-7cef-11eb-b15f-d094662f8ab5&cd6=11&ic=0&tgt=0&app=&wi=359&he=202&test=&apppkg=&fv=3&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=5c76455c073ef42c784ad54f&e=inventory&vi=0&cb=1614865273708
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.198.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012101070013000/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa6baeae3cb3f5723d40c311888b0da77590b8dc1353c5c7c6e944e7f6c346ac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
574463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7295
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f6fcef8ec3898355"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7CC2 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Thu, 04 Mar 2021 13:23:24 GMT
expires
Fri, 04 Mar 2022 13:23:24 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1069
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gnezdo_logo.png
news.gnezdo.ru/src/ Frame 47F8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/src/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
7dd273fa5e1dd18e0362e35f68917c499abd326015b5d93b8e118e343159f939

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:13 GMT
Last-Modified
Mon, 08 Jul 2019 04:50:37 GMT
Server
nginx/1.10.3
ETag
"5d22cb9d-c54"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3156
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel.gif
sync.1dmp.io/ Frame B37F 		35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0
match
dm.hybrid.ai/ Frame B37F 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&XV9kdWBA43ddpjc0BR_YAg==
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
127
x-xss-protection
1; mode=block
expires
-1
0100007F78E340605004F924025E335E
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame B37F
Redirect Chain
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=XV9kdWBA43ddpjc0BR_YAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78E340605004F924025E335E
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78E340605004F924025E335E
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78E340605004F924025E335E
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
1b4ed333-7a8e-523f-a462-45a5c422a6dd
fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/ Frame B37F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=XV9kdWBA43ddpjc0BR_YAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/1b4ed333-7a8e-523f-a462-45a5c422a6dd
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/1b4ed333-7a8e-523f-a462-45a5c422a6dd
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/1b4ed333-7a8e-523f-a462-45a5c422a6dd
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
1081818_9ace95c49c.jpg
zn2.2xclick.ru/img/150x120/818/ Frame 47F8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/150x120/818/1081818_9ace95c49c.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e0dda4dca6e977aadbd0c0916cacedc1d0328f8e87076d9caa2329bf88910911

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 03 Mar 2021 10:51:57 GMT
server
nginx
etag
"603f6a4d-1a67"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
6759
expires
Thu, 31 Dec 2037 23:55:55 GMT
1078585_50a5fbcb0f.jpg
zn2.2xclick.ru/img/150x120/585/ Frame 47F8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/150x120/585/1078585_50a5fbcb0f.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4a8efa9cea9810feddb8b462a0f57a0fe87b3caa2cf8a26da77c9493c1d7081a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Fri, 26 Feb 2021 03:45:09 GMT
server
nginx
etag
"60386ec5-13c5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5061
expires
Thu, 31 Dec 2037 23:55:55 GMT
1078321_a2fe1fd8e2.jpg
zn2.2xclick.ru/img/150x120/321/ Frame 47F8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/150x120/321/1078321_a2fe1fd8e2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1771634445a0ceda46cc911cf51d69ec834530c85593ade50642a7fd176c1d02

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Thu, 25 Feb 2021 14:55:54 GMT
server
nginx
etag
"6037ba7a-149c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5276
expires
Thu, 31 Dec 2037 23:55:55 GMT
1078381_8e2d1e6a01.jpg
zn2.2xclick.ru/img/150x120/381/ Frame 47F8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/150x120/381/1078381_8e2d1e6a01.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1c67f3108beaf91513a064704b0c3698e282e7d8c05202a32d395f58ced623d8

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 03 Mar 2021 12:10:22 GMT
server
nginx
etag
"603f7cae-1452"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5202
expires
Thu, 31 Dec 2037 23:55:55 GMT
1082057_4eae45236a.jpg
zn2.2xclick.ru/img/150x120/057/ Frame 47F8 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/150x120/057/1082057_4eae45236a.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
bf736d65948cf097ada47ace72a27b669ec18074499eec6c8db193803d58cb33

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 03 Mar 2021 15:47:11 GMT
server
nginx
etag
"603faf7f-dfd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3581
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ Frame B37F 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=https%3A//newsyou.info/&du=https%3A//newsyou.info/wp-content/themes/newsyou/ads/zaglushka-header-top.php&tizer_id=17974&r=0.9913203059534081
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=windows-1251
c
c.mgid.com/ 		43 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=297|363|24|TDmVyKgEBRtqWSfisjiH8hRMuCYiAjhgTamhmrVoXKmc8GYUb0581ZQm9IQHg-YN&fw=1&extjs=66044&cid=1024868&h2=71Qx9xsxXZn9VkabdW_pyzLEnn3-qRAcQl2_4jf7ivw*&rid=48507f7e-7cef-11eb-86ce-d094662c24f7&tt=Direct&iv=11&pageImp=1&cbuster=1614865273805694141728&tpl=0
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
c2ba9acf-7299-4783-834d-c4ea39f47ea3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab855988ab0c85-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11abf900000c85e39b4000000001
server
cloudflare
/
m.mixadvert.com/show/load/ Frame DCC3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7879&id_name=bhotA&teaser_name=NBtptBf&block_name=obEfsY&ban_teaser=&r=0.1976297278579926&host=newsyou.info&ref=https://newsyou.info/
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
9d9ed450563ad9c062655b391ffc6058dd26e951f6c58aba0be924d08fc6a1c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C9AA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 10:22:27 GMT
x-content-type-options
nosniff
server
cafe
age
11926
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 05 Mar 2021 10:22:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C9AA 		344 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
26491
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 05 Mar 2021 06:19:42 GMT
231dc55b820b51082ad4fa9182995aee.jpg
tpc.googlesyndication.com/sadbundle/18172369406814535347/media/ Frame C9AA 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18172369406814535347/media/231dc55b820b51082ad4fa9182995aee.jpg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0704b2cad70f201f73457b23f394b2e493df57955338d76414017394a45742c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:29:03 GMT
x-content-type-options
nosniff
age
141130
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56662
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 13:04:21 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 22:29:03 GMT
622bb1718a4b7d1b5eb2e9a1e3b5027d.png
tpc.googlesyndication.com/sadbundle/18172369406814535347/media/ Frame C9AA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18172369406814535347/media/622bb1718a4b7d1b5eb2e9a1e3b5027d.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
126bac1a7b90ab24cd6d9476ad8c80994c7f21565a3111d5653bd0efdd6af726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 14:07:44 GMT
x-content-type-options
nosniff
age
603209
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3190
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 13:04:21 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 14:07:44 GMT
if
a4p.adpartner.pro/tracker/ Frame 67FA 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225714041f-fb71-482f-9451-faede8d748d9%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2290bacb26-7663-4763-9364-2b1e1e8de653%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b2caddba-3088-4802-b728-797be304f42b%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%227f345d97-c863-4e48-bfeb-18921541c119%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225714041f-fb71-482f-9451-faede8d748d9%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2290bacb26-7663-4763-9364-2b1e1e8de653%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b2caddba-3088-4802-b728-797be304f42b%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%227f345d97-c863-4e48-bfeb-18921541c119%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
newsyou.info_ref=; apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; apudmg=1; buyeruid_13=60320519184
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:14 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 3C86 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225714041f-fb71-482f-9451-faede8d748d9%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2290bacb26-7663-4763-9364-2b1e1e8de653%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b2caddba-3088-4802-b728-797be304f42b%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%227f345d97-c863-4e48-bfeb-18921541c119%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.217.75 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
a4p.adpartner.pro
:scheme
https
:path
/tracker/if?data=%7B%22apuid%22%3A%2252ff0dba-a782-400f-abe8-df93e6b2b32f%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225714041f-fb71-482f-9451-faede8d748d9%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.02069%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2290bacb26-7663-4763-9364-2b1e1e8de653%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01578%2C%22dsp_id%22%3A35%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b2caddba-3088-4802-b728-797be304f42b%22%7D%2C%7B%22ad_id%22%3A0%2C%22cost%22%3A0.01%2C%22dsp_id%22%3A23%2C%22rule_id%22%3A0%2C%22show_id%22%3A%227f345d97-c863-4e48-bfeb-18921541c119%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php%22%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
newsyou.info_ref=; apuid=52ff0dba-a782-400f-abe8-df93e6b2b32f; apudmg=1; buyeruid_13=60320519184
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:14 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1614865273&ptz=3600&pl=en-US&object=13245&template_id=1280&num=3&ref=&output=json&chash=yPSD5GSLlx&subidhasrefresh=hasrefresh_1&extids=&callback=__smiCb1614865271264
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
56bfc5b3df1af71fb0c32505e7e5e2c330a5d37bfe7b8f35201bb4817ae52866
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
/
go1.aniview.com/api/adserver/tag/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=desktop&AV_CDIM2=0&AV_CDIM3=native&AV_CDIM4=346316&AV_CDIM5=48555bef-7cef-11eb-b15f-d094662f8ab5&AV_CDIM6=11&AV_CUSTOM2=0&AV_CUSTOM3=%D0%92%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D0%B5%20%D0%BC%D1%83%D0%B6%D1%87%D0%B8%D0%BD%D0%B5%20%22%D0%BE%D1%82%D1%80%D0%B0%D1%81%D1%82%D0%B8%D0%BB%D0%B8%22%20%D0%BD%D0%BE%D0%B3%D1%83!&AV_CUSTOM4=0&AV_CUSTOM5=7&AV_CUSTOM6=3&AV_CUSTOM7=0&AV_CUSTOM8=0&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=5c76455c073ef42c784ad54f&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=newsyou.info&AV_DADPOS=3&v=6.1.1.243&avtoken=273708&AV_WIDTH=359&AV_HEIGHT=202&cb=1614865273855
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.241.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
41f382a9d166f08f9b885ab3f8df32eeb62714466e071b84368368c3b96153a5

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newsyou.info
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 20 Feb 2021 23:54:34 GMT
/
c.mgid.com/vs/ 		43 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=1725&iid=346316&e=adinventory&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%2248555bef-7cef-11eb-b15f-d094662f8ab5%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%7D&t=0&c=39684&h=BzU5dMuZ_ZITwt7ce3vz8ilQbH98SeqE8SzmpX4Rb6Iz1d8buv6WV47APvmJpdw3
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62ab8559b8f90c85-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11ac1200000c85e90bb000000001
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame DCC3 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
553355
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 03:58:38 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ Frame DCC3 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:28:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
457939
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:28:54 GMT
gnezdo_logo.png
news.gnezdo.ru/src/ Frame CDFF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/src/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
7dd273fa5e1dd18e0362e35f68917c499abd326015b5d93b8e118e343159f939

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:13 GMT
Last-Modified
Mon, 08 Jul 2019 04:50:37 GMT
Server
nginx/1.10.3
ETag
"5d22cb9d-c54"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3156
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel.gif
sync.1dmp.io/ 		35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4619280f-7aee-412b-991e-5007b05519a2&brid=1b89b071-72bc-4c19-b96c-2ee973304856&pid=w&uid=XV9kdWBA43ddpjc0BR_YAg==
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0
1077190_b618c3bd48.jpg
zn2.2xclick.ru/img/400x400/190/ Frame CDFF 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.2xclick.ru/img/400x400/190/1077190_b618c3bd48.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
290944700109e08bc6ffe9a4571ec1e1621d0e18172150a28b67e2c4f47486d5

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
last-modified
Wed, 24 Feb 2021 09:34:49 GMT
server
nginx
etag
"60361db9-5bb3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
23475
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&tizer_id=10139&r=0.32989066781771004
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
server
nginx
content-type
image/gif; charset=windows-1251
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:49:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:01 GMT
server
sffe
age
456679
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13720
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:49:54 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F41 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 10:22:27 GMT
x-content-type-options
nosniff
server
cafe
age
11926
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 05 Mar 2021 10:22:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F41 		344 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
26491
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 05 Mar 2021 06:19:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A7D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu247EcQ_35-BOX9rIQkXUc2CagmUuamH0REthIOzEtm5tObMYo9a4BwO7GQpZWK3dU2G6aFeJ11ocy6zyt46iKyJrmNrzXAFoODuJTclIwdm468EhKjK2WQEQ-gLSCMfOPB8Vsj-i7LHSGqmdskmfONDcbHByIHAzJVnDDrbaL9JZ2mH_DLJNF-IyGSjd9Rdh9CpRc1yQVFsXmZSphCx7WOGH13YGD1kewQnPom3akzjzaVwsCM1idj7EvffzsvnbE07vdsNxX_68Rcn3TZNKiA3Eu4pnpFK1bOoP8fW_laCxKlIErz8UzKYnl&sig=Cg0ArKJSzAScnLHfoEm9EAE&urlfix=1&adurl=
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
prebid.js
hb.adpone.com/ Frame A7D2 		327 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2003
content-type
application/javascript
x-amz-request-id
6E02F583733835F3
x-amz-id-2
MaZu06aUh8BfpsD8N/YB/d0HL34eRqe/WmE9V3LjE/3TGv6HbI2tmHbxvnBbONrckfDLnTJdjkQ=
last-modified
Thu, 08 Oct 2020 08:58:50 GMT
server
cloudflare
etag
W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j%2Foq4MYNz8LLO9YusmP%2F7hf6FfE34MsrMQIW6NaRaJVlvMsMMtwPvfvOvQe0L33zKKKDJn4Nr6o5WT6q986Lr%2Fd6l8uLwwzVRLZC%2Bqu%2FZymc%2F9hItX1OR%2Be6"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control
max-age=14400
cf-request-id
089f11ad1f000006053b114000000001
cf-ray
62ab855b6a090605-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A7D2 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:13 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 1C6A 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1C6A 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b632ccaa7fc94b205eee201683675ac47ada67da2de28c5e98a9541fc1ddc8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6532
x-xss-protection
0
/
m.mixadvert.com/show/load/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7883&id_name=zzTzo&teaser_name=GyccDAZ&block_name=bhGpmG&ban_teaser=&r=0.48476966630326745&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7883&r=0.7969671280255681
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
ae258f38fac53da90949b9374a1822af96d722f81fab5eeb8263974538a72c6d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsyou.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:52:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
139721
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6864
x-xss-protection
0
expires
Wed, 02 Mar 2022 22:52:33 GMT
e3ef1be7bc51e760c16c624076c8bc99_360.mp4
video-native.mgid.com/provided_video/2019-08-27/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/provided_video/2019-08-27/e3ef1be7bc51e760c16c624076c8bc99_360.mp4
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://newsyou.info/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc31
date
Thu, 04 Mar 2021 13:41:14 GMT
last-modified
Tue, 27 Aug 2019 17:15:25 GMT
server
nginx
access-control-allow-origin
*
etag
"4bfbdf-5911c6b18425d"
x-cached-since
2021-02-22T05:32:46+00:00
content-type
video/mp4
Content-Range
bytes 0-4979678/4979679
cache-control
max-age=290304000, public
cache
HIT
Content-Length
4979679
x-vhost-ver
3787631609560122666
expires
Tue, 22 Feb 2022 05:32:45 GMT
dpixel
cms.quantserve.com/ Frame BB4B 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENVLcPoXzki2D8jk8tsaNlM&google_cver=1&google_push=AQvitUK_PM3I7SgwBEv4UTVWa-geWEntZC7HfrthL7BXCmkhivEfsNiL_blLIGaMc276sJqXzJ65p5XBfhMBbAJMNLWvTdi3j6Sn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BB4B
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUL6aWQo...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUL6aWQo...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU0MTM3Mjk2NjMwMDU0Mg%3D%3D&google_push=AQvitUL6aWQo3mI3d9drzbCJEs5nWTrpeTHGtOP6igEr0RQ7_FpJAS-O6HZ5Uj3x_SADHq...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU0MTM3Mjk2NjMwMDU0Mg%3D%3D&google_push=AQvitUL6aWQo3mI3d9drzbCJEs5nWTrpeTHGtOP6igEr0RQ7_FpJAS-O6HZ5Uj3x_SADHq...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU0MTM3Mjk2NjMwMDU0Mg%3D%3D&google_push=AQvitUL6aWQo3mI3d9drzbCJEs5nWTrpeTHGtOP6igEr0RQ7_FpJAS-O6HZ5Uj3x_SADHqnCPeoCzyQmrcY_RKN2rLMLYVOpR3NO&google_tc=
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU0MTM3Mjk2NjMwMDU0Mg%3D%3D&google_push=AQvitUL6aWQo3mI3d9drzbCJEs5nWTrpeTHGtOP6igEr0RQ7_FpJAS-O6HZ5Uj3x_SADHqnCPeoCzyQmrcY_RKN2rLMLYVOpR3NO&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
447
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BB4B
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBtJec2VEtEhXtCq0eP0LCw&google_cver=1&google_push=AQvitUKDw0GnZGb0TqNUqFcV18fKh-rvR9rVC7ahNLmfFgsoS1tBjYyMvSadidh656-36kv4BSEMdbMZhTW7Q3XtIDnusoa6zj8
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBtJec2VEtEhXtCq0eP0LCw&google_cver=1&google_push=AQvitUKDw0GnZGb0TqNUqFcV18fKh-rvR9rVC7ahNLmfFgsoS1tBjYyMvSadidh656-36kv4BSEMdbMZhTW7Q3XtIDnusoa6zj8&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKDw0GnZGb0TqNUqFcV18fKh-rvR9rVC7ahNLmfFgsoS1tBjYyMvSadidh656-36kv4BSEMdbMZhTW7Q3XtIDnusoa6zj8&google_hm=CWPN4btpz90OxN0b1fe8IA==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKDw0GnZGb0TqNUqFcV18fKh-rvR9rVC7ahNLmfFgsoS1tBjYyMvSadidh656-36kv4BSEMdbMZhTW7Q3XtIDnusoa6zj8&google_hm=CWPN4btpz90OxN0b1fe8IA==
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:13 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKDw0GnZGb0TqNUqFcV18fKh-rvR9rVC7ahNLmfFgsoS1tBjYyMvSadidh656-36kv4BSEMdbMZhTW7Q3XtIDnusoa6zj8&google_hm=CWPN4btpz90OxN0b1fe8IA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
gc6eq6nd2b9dqup1fj5bpbm0pccfbn8q
pixel
cm.g.doubleclick.net/ Frame BB4B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xCRNoni8RGO5li4NuTbW9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xCRNoni8RGO5li4NuTbW9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULWi4N094h3D5w8OeB4y9z3AhbAZCG-R40r757Puavl4swiDNMzKC7OrqUnIS0VVetUdhaLFX1gUmyTd0w1vBQddxW_oB4
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xCRNoni8RGO5li4NuTbW9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULWi4N094h3D5w8OeB4y9z3AhbAZCG-R40r757Puavl4swiDNMzKC7OrqUnIS0VVetUdhaLFX1gUmyTd0w1vBQddxW_oB4
Date
Thu, 04 Mar 2021 13:39:18 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame BB4B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA3xYl90GlARgrrbEBs3o8U&google_cver=1&google_push=AQvitUJK1Onvyz6PTWVvk5sPi6_ZSTGHpcHT1tMpcP7fzKoUO5GdE46tgsBC8WsuneUWr3s2eSt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVWDM4N0YtMVUtM09WUg==&google_push=AQvitUJK1Onvyz6PTWVvk5sPi6_ZSTGHpcHT1tMpcP7fzKoUO5GdE46tgsBC8WsuneUWr3s2eStls_yUrUptHx0gzVs8W1q9YFIs
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVWDM4N0YtMVUtM09WUg==&google_push=AQvitUJK1Onvyz6PTWVvk5sPi6_ZSTGHpcHT1tMpcP7fzKoUO5GdE46tgsBC8WsuneUWr3s2eStls_yUrUptHx0gzVs8W1q9YFIs
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVWDM4N0YtMVUtM09WUg==&google_push=AQvitUJK1Onvyz6PTWVvk5sPi6_ZSTGHpcHT1tMpcP7fzKoUO5GdE46tgsBC8WsuneUWr3s2eStls_yUrUptHx0gzVs8W1q9YFIs
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame BB4B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKubOg6dgrloYekhWGKf2Ew&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKubOg6dgrloYekhWGKf2Ew&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEDjeyBZnSrgTpuPyWMdDwAABFMAAAAB&google_push=AQvitUI-m2XfTqjCTWv0zOH_eY_od9moMoGHWoZEUEvcf-1DNWol2aRgq122_Zw4tBzSwEFxjzXhJXyasGqubucRlH...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEDjeyBZnSrgTpuPyWMdDwAABFMAAAAB&google_push=AQvitUI-m2XfTqjCTWv0zOH_eY_od9moMoGHWoZEUEvcf-1DNWol2aRgq122_Zw4tBzSwEFxjzXhJXyasGqubucRlHN8aFTGLLTi&google_gid=CAESEKubOg6dgrloYekhWGKf2Ew&google_cver=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEDjeyBZnSrgTpuPyWMdDwAABFMAAAAB&google_push=AQvitUI-m2XfTqjCTWv0zOH_eY_od9moMoGHWoZEUEvcf-1DNWol2aRgq122_Zw4tBzSwEFxjzXhJXyasGqubucRlHN8aFTGLLTi&google_gid=CAESEKubOg6dgrloYekhWGKf2Ew&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Thu, 04 Mar 2021 13:41:15 GMT
trk
ag.innovid.com/ Frame BB4B 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHhVir5mXdpCsHRDj0y57JY&google_cver=1&google_push=AQvitUL5GXhh9-yWqCgwb5FZKDH6lOFClrek1HJzDw9Ucdwb77lh7jyJqaB0CyQx0aF1K8Rhsv9yZJnDjQmurUFFFq-S8z17fg1F
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:14 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame BB4B 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDw_tKJpytNqT3WD9ioehatooIvtwJJ3_AChWc6VheBYAny7PZQkgBOFvOEnQTKpRiO2mW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
db19e562a3cad56ae4462901071b9743.jpeg
img.servestatic.net/250_250/d/b/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/250_250/d/b/db19e562a3cad56ae4462901071b9743.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b0721790d1d52f1227dfea71489ccdd711f9204e256812a3435e829dc92681

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
cf-cache-status
HIT
age
52194
cf-polished
qual=85, origFmt=jpeg, origSize=25897
content-disposition
inline; filename="db19e562a3cad56ae4462901071b9743.webp"
content-length
20938
cf-request-id
089f11ad2700001f35ae20f000000001
last-modified
Sat, 27 Feb 2021 08:47:12 GMT
server
cloudflare
etag
"603a0710-6529"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 05 Mar 2021 23:11:20 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
62ab855b7d7c1f35-FRA
cf-bgj
imgq:85,h2pri
35f392d5832692e873dc42534fcb47e4.jpeg
img.servestatic.net/250_250/3/5/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/250_250/3/5/35f392d5832692e873dc42534fcb47e4.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d20908766d7943522022ee2e1cfb1a1d9c20ebc0908314776c08717615196797

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
cf-cache-status
HIT
age
50655
cf-polished
qual=85, origFmt=jpeg, origSize=32568
content-disposition
inline; filename="35f392d5832692e873dc42534fcb47e4.webp"
content-length
22492
cf-request-id
089f11ad2800001f35f1366000000001
last-modified
Fri, 12 Feb 2021 15:11:07 GMT
server
cloudflare
etag
"60269a8b-7f38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 05 Mar 2021 23:36:59 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
62ab855b7d801f35-FRA
cf-bgj
imgq:85,h2pri
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 9411 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
236915
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C9AA 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGYIdeONAYP4M9N2bB8WbkMABl568qluv462Mhg2p34-jjBkQASC4nuIjYJUCoAHvvPTSA8gBCakCr_2PRdhMhT6oAwHIAwiqBJQCT9AvmfhvWdvg5QYko_wb5ob6dN6PIuqxK7uf-zXNX3aWBw30nOsoA4ZyD1xfUQmNy28X2HsBVhg21uxMvnuHh3c9-E8RQf-yDjzuD4ceQrRU08jT5vXcM67dLsNI4ehYqRNXhGCXyl4qScckwSVIde-ouGBMwvVru0I0ikL5y4zdHXd8KxXmIYt0M3KZTziSS185Avt7bJZax-9qmlgJJoC5NKcgz4BRZLQUSGN75bpJbx9ErDPEWRUJEp2INHqA2h6Hpuovar8VXRVqOKXpH4rVmFZvxzhii_vff7_ptQw0Fb2bMDhyEkXMp6OInYfs4xTsZXkML5j8pzG0oxroM8ZwMDO6DoJtKIyd3nSKQe3OcKTzwAS64-K-3AKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-cKLLagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC7gQbSCAkIgOGAEBABGB-ACgHICwHYEwKyFxoKGAgAEhRwdWItNTk5NDY5NzAyODM4MDYwOQ&sigh=RGaGkApRKZM&template_id=419&tpd=AGWhJmtbiByF9qtto-o0cQxKECsOfWbQK3d62A_jMvaJFoISDw&cbvp=2
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 04 Mar 2021 13:41:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1C6A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060327
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:14 GMT
css
fonts.googleapis.com/ Frame DCC3 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:41:14 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:14 GMT
block_head.png
mixadvert.com/images/logo/ Frame DCC3 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-center.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:14 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
truncated
/ Frame A7D2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd97ac8e374ce2b8ab5148e00ff8036c31d21557bdc7d093f7dd0a3e9cd19a49

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
/
servicer.mgid.com/346316/ 		65 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/346316/?vast=1&w=359&h=202&pl=1&page=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&cbb=4865274302
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11adeb00000c850a130000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab855cafb20c85-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=newsyou.info&rs=newsyou.info&sid=90919&t=1614865274&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=359&he=202&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1614865274202-997738895741-000333-002-003630&cha=0.7&cb=36327129101&cd3=native&cd4=346316&cd1=desktop&cd6=11&cd5=48555bef-7cef-11eb-b15f-d094662f8ab5&cd2=0&d9=1000&AV_WIDTH=359&AV_HEIGHT=202&nid=5ac2203f073ef46a6856c7b0&ncid=5c76455c073ef42c784ad54f&e=request&cb=1614865274337&asid=5e4676ba28a06144b256e7b2%2C5e8b5435c39a31348d329cf4%2C5eb16bf9336e195304626376%2C5f98323eb57e22303c5a0ff8&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.198.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
informer
data.24smi.net/ 		709 B
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1614865273&ptz=3600&pl=en-US&object=13248&template_id=1282&num=1&ref=&output=json&chash=yPSD5GSLlx&subidhasrefresh=hasrefresh_1&extids=&callback=__smiCb1614865271265
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
2d32c91109e86ac380dad26ac316e4f5de5de5a3b678bc00572490178917bb35
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
content-length
709
request.php
hal900029.redintelligence.net/ Frame E173
Redirect Chain
  • https://hal900029.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=ef1750446a&subid=&uid=d2e9f3c4c164ef35&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900029.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=ef1750446a&subid=&uid=d2e9f3c4c164ef35&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=ef1750446a&subid=&uid=d2e9f3c4c164ef35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4194525556240525431%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D59a56040-e378-4901-8a9f-b30c76f1aa1b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D280%26slotname%3D9613474772%26adk%3D1966935994%26adf%3D2145073481%26pi%3Dt.ma~as.9613474772%26w%3D580%26lmt%3D1614865271%26psa%3D0%26format%3D580x280%26url%3Dhttps%253A%252F%252Fnewsyou.info%252Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%26wgl%3D1%26dt%3D1614865271232%26bpp%3D1%26bdt%3D541%26idt%3D479%26shv%3Dr20210302%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x200%26nras%3D1%26correlator%3D2911950995705%26frm%3D20%26pv%3D1%26ga_vid%3D629737997.1614865271%26ga_sid%3D1614865272%26ga_hid%3D1357063670%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D192%26ady%3D371%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736376%252C21066429%26oid%3D3%26pvsid%3D4296289433420388%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CopeE%257C%26abl%3DCS%26pfx%3D0%26cms%3D2%26fu%3D8192%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DOR6dYg6VG9%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D484&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fnewsyou.info&random=4150952158406&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
7fb13acbf7ed4cc271536d629db081f7dfceaa8c1859ff03109c761ee8c57549

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:15 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
97357500141172000951407011523029
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
331
Expires
Thu, 04 Mar 2021 13:41:15 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:14 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=ef1750446a&subid=&uid=d2e9f3c4c164ef35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4194525556240525431%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D59a56040-e378-4901-8a9f-b30c76f1aa1b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D280%26slotname%3D9613474772%26adk%3D1966935994%26adf%3D2145073481%26pi%3Dt.ma~as.9613474772%26w%3D580%26lmt%3D1614865271%26psa%3D0%26format%3D580x280%26url%3Dhttps%253A%252F%252Fnewsyou.info%252Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%26wgl%3D1%26dt%3D1614865271232%26bpp%3D1%26bdt%3D541%26idt%3D479%26shv%3Dr20210302%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x200%26nras%3D1%26correlator%3D2911950995705%26frm%3D20%26pv%3D1%26ga_vid%3D629737997.1614865271%26ga_sid%3D1614865272%26ga_hid%3D1357063670%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D192%26ady%3D371%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736376%252C21066429%26oid%3D3%26pvsid%3D4296289433420388%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CopeE%257C%26abl%3DCS%26pfx%3D0%26cms%3D2%26fu%3D8192%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DOR6dYg6VG9%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D484&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fnewsyou.info&random=4150952158406&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 04 Mar 2021 13:41:14 +0100
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4A2E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Thu, 04 Mar 2021 13:23:24 GMT
expires
Fri, 04 Mar 2022 13:23:24 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1070
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
translator
hbopenbid.pubmatic.com/ Frame A7D2 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 04 Mar 2021 13:39:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame A7D2 		600 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
00b500658fce1934621680442aeae5d4b21c0b3e1438242a0278a662dab6368e

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b5%3b75
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://newsyou.info
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A7D2 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1346616&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!adpone.com,1992,1,,,&rf=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=dbcdf390-7f99-44c6-b550-4cb23bf1a392&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.18431089180485416
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
97185bb4288fb07432ac7c76eff376ad4cafd7805cebea949a0254409742d470

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://newsyou.info
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame A7D2 		172 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=dbcdf390-7f99-44c6-b550-4cb23bf1a392&nocache=1614865274396&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C1992%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1614865273915&auid=541066154
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
67ad9db3478df5db2238a5e07f122d309916055e2b14ab918864c3c55b2139a9

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame A7D2 		139 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
adeec1402fdb37cd3296f2696f0ea90929e3064a271880ff54730498e3fe131c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:15 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid
02a8522b-3e50-44c0-a196-6c6b9be0dc66
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newsyou.info
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.mgid.com/vs/ 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=1725&iid=346316&e=vr_load&h=BzU5dMuZ_ZITwt7ce3vz8ilQbH98SeqE8SzmpX4Rb6Iz1d8buv6WV47APvmJpdw3&o=%7B%22vrViewable%22%3A0%2C%22sticky%22%3A0%2C%22playlistSeq%22%3A0%2C%22uuid%22%3A%2248555bef-7cef-11eb-b15f-d094662f8ab5%22%2C%22timeOffset%22%3A0%7D&t=0&c=2498
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62ab855d49230c85-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11ae4e00000c85e5390000000001
view
securepubads.g.doubleclick.net/pcs/ Frame A7D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiyBCUM3OK4XqV7KGYmkMIXSOq_J1OFi05crlnWLMuEEL_PFV4JYICcQHwD93fDVJvYHIr2IUhKjQxb95n9qU8_SDSnl5OAInQIzF6Pw0RmYGJLXd9tUyV19X1rTOfosYhAL_xScy9edUi_uxQpsuP9_EPc9fHcqUJ-rJ6qDMv_59dRTfPdwnv1vBEucJP6lIFMdXukeHUsTJSKTw2RKia_jGiPvkmBJz_GI5mRXTTP0oEoIAZPSLVjjC0INGzjZT3DNNYG-HiHJpienxo2KSzJrEzkHFgP2buCBNKdvwPiF4JLeW0iMBEeWH4s2U&sig=Cg0ArKJSzC4jokYWSDdkEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:14 GMT
/
m.mixadvert.com/show/load/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=6822&id_name=nRpYB&teaser_name=nhpQjiN&block_name=BicSZE&ban_teaser=&r=0.1908883177764782&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=6822&r=0.2982501532512114
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
a6fc66836fcf4fbeee91ae9a81927fecd5d4a10adb048c94ce2efab492656311
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 7CC2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
236915
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=newsyou.info&rs=newsyou.info&sid=90919&t=1614865274&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=359&he=202&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1614865274202-997738895741-000333-002-003630&cha=0.7&cb=36327129101&cd3=native&cd4=346316&cd1=desktop&cd6=11&cd5=48555bef-7cef-11eb-b15f-d094662f8ab5&cd2=0&d9=1000&AV_WIDTH=359&AV_HEIGHT=202&nid=5ac2203f073ef46a6856c7b0&ncid=5c76455c073ef42c784ad54f&e=bid&cb=1614865274476&asid=5e4676ba28a06144b256e7b2%2C5e8b5435c39a31348d329cf4%2C5eb16bf9336e195304626376&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.198.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1614865273&ptz=3600&pl=en-US&object=14482&template_id=783&num=3&ref=&output=json&chash=yPSD5GSLlx&subidhasrefresh=hasrefresh_1&extids=&callback=__smiCb1614865271266
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
036f6d4f00f385ad400ce9655d9b0b93f61ed40882a2b42447d4a5f9635af0e9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 81BD 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:14 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B56E 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:14 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8BB5 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:14 GMT
96e36348d943a8f087cb5830c557db74.jpeg
img.servestatic.net/250_250/9/6/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/250_250/9/6/96e36348d943a8f087cb5830c557db74.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ff098aa83f4725efe570f665a4282e266d50b35259de7308f987e1eab0547a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
cf-cache-status
HIT
age
598410
cf-polished
qual=85, origFmt=jpeg, origSize=21393
content-disposition
inline; filename="96e36348d943a8f087cb5830c557db74.webp"
content-length
11986
cf-request-id
089f11aead00001f35f3843000000001
last-modified
Thu, 25 Feb 2021 15:23:17 GMT
server
cloudflare
etag
W/"6037c0e5-15619"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 22 Dec 2021 15:27:44 GMT
cache-control
max-age=25920000
accept-ranges
bytes
cf-ray
62ab855dd8761f35-FRA
cf-bgj
imgq:85,h2pri
rv.fcgi
fcgi5.2xclick.ru/cgi-bin/ 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.2xclick.ru/cgi-bin/rv.fcgi?tizer_id=10139&rv_tizer_id=1.00&anons_ids=1077190fc.PfNybAQAUmNjdHIgZGZfYmxpbmQB&uid=XV9kdWBA43ddpjc0BR_YAg==&r=0.8184140811763825
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
image/gif; charset=windows-1251
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 4A2E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
236915
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
/
m.mixadvert.com/show/load/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7878&id_name=ETAlp&teaser_name=ohHcbKn&block_name=EcGsoh&ban_teaser=&r=0.02165650056608137&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7878
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
4fa7f6e6a1cd54b1a737a0d35b6f735f8958ed3b3297932d286066e703d95082
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 1867 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
155089
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 81BD 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:15 GMT
integrator.js
adservice.google.com/adsid/ Frame 81BD 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 7B5D 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
155089
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 8BB5 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:15 GMT
integrator.js
adservice.google.com/adsid/ Frame 8BB5 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 82DA 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
155089
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame B56E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:15 GMT
integrator.js
adservice.google.com/adsid/ Frame B56E 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 9625 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cqo2UeONAYL_kA8yd1wae3r6YA7Hh5_hfqLSd_8sN5s_rxIUbEAEguJ7iI2CVAqAB9qzLwQPIAQmpApDMhq9uMLQ-qAMBqgSRAk_Qk-nDSJmWfzqmlH9Ct3xr6pQrlx0MDqADnfFovelEXu9icLz-kLI_cj0ISj-NnGeKQcbmE8dQRBXWaGR4RNC4gdc0Jn_POo-ZRpZIPX5x4g6l7DtaWmH52QPniOQcbaaYXFdKY_N8r1sr1E2wdWKzoF6D34lZ6Cv9smAhd0H7USOznEBOwg-QCW9JjawSAu8J7QFoQenVTuZFOIUsyqt1yynz7r3ArhmQOXWi2Gmsrgr0fEI4IXMRxPwSysasxHpRflcZ2bi5rlxWKnUMW2lhzlype8sJ0jZsn9oNdIssGX_5nTyCogNsGmU3m-w417TP-3bmzgufbjqodvmW9crf20WrfaKPHrjywjmxajsGrMAEm6XdwK0DoAYugAeplJ47qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOXAAdIICQiA4YAQEAEYH4AKAcgLAdgTA7IXGgoYCAASFHB1Yi01OTk0Njk3MDI4MzgwNjA5&sigh=Y-gJUGriBLw&vt=1&template_id=5000
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&dt=1614865271234&bpp=2&bdt=543&idt=803&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VbFcSC2weO&p=https%3A//newsyou.info&dtd=809
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 04 Mar 2021 13:41:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9625 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_Fpl26YHpFcJxk_DVbz7tkwuHGnGWbmnreY7afDH-gwOD4JKCZLqM4fon1q8_0Xar9fkG5dpCXhe9i2ppKzcfq7xULVivxKwvJunTZjkw90jc2GXkztEpdjuwSnhYP9QCZ53kDYlLS15DdX9ueLl7&sai=AMfl-YQXQe78wuzIoScZ8o-pqdQttp8C5rauVHYni3SFHzhfr1nTFpmvsXnFa9sri-vparu9um-NSsafmr_ZtsDROhGlqecKADkPFoQCLfysGl6DHU-vpsPOJYkXsKcP&sig=Cg0ArKJSzN4nrQbMNgp2EAE&cid=CAASF-Ro1yxH947q9no_BmQsUqh6yEn82JQB&id=osdim&mcvt=1049&p=371,805,621,1105&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=895116589&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614865272044&dlt=375&rpt=2&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AF52 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
311
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 04 Mar 2021 14:36:04 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B6E6 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
311
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 04 Mar 2021 14:36:04 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5F51 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
311
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 04 Mar 2021 14:36:04 GMT
request_content.php
hal900029.redintelligence.net/ Frame 9903 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=97357500141172000951407011523029&a=d39e1b15
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=ef1750446a&subid=&uid=d2e9f3c4c164ef35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4194525556240525431%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D59a56040-e378-4901-8a9f-b30c76f1aa1b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCq8Dhd-NAYKD-LeqqxgL7u7GoDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOcgBCagDAaoEiAJP0B2X7COovhXk0_QJIEoxfStOAtuy4itXhALsxOLYXemg_YpdI1B-l97vBLFIfLKiMP7Ym7aFlB3JjYpbzyOS1DSlQmz3MLyqaXSB0Kf_b-s1IOogLnpbEr8SxffptBJnLfTo9T_262p0Xcldrzcw5jgYs5_QJgtFpWsAWGaKWOwj15aC7PSU2SbCV_KRXqV-eM46QGTQUyEh0v4QBpRJE8rXCk8o3hENtLHpswFwhCKz0tTKgViYgnC85t9c8JaS_wpnH6b4sU1ygkHxZ1J1AA4scVdYq7SN__vbvWfekZnHn4OxDlwzbKgdx9L3dEQ1BIYNbt0G6tbI9kq9G_3CvyNMzxDm0GSABpPmxMWZ3fWv-gGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1MhFVKC2ENANvz5zoZv2tt0aypEw%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D280%26slotname%3D9613474772%26adk%3D1966935994%26adf%3D2145073481%26pi%3Dt.ma~as.9613474772%26w%3D580%26lmt%3D1614865271%26psa%3D0%26format%3D580x280%26url%3Dhttps%253A%252F%252Fnewsyou.info%252Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%26wgl%3D1%26dt%3D1614865271232%26bpp%3D1%26bdt%3D541%26idt%3D479%26shv%3Dr20210302%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x200%26nras%3D1%26correlator%3D2911950995705%26frm%3D20%26pv%3D1%26ga_vid%3D629737997.1614865271%26ga_sid%3D1614865272%26ga_hid%3D1357063670%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D192%26ady%3D371%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736376%252C21066429%26oid%3D3%26pvsid%3D4296289433420388%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CopeE%257C%26abl%3DCS%26pfx%3D0%26cms%3D2%26fu%3D8192%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DOR6dYg6VG9%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D484&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fnewsyou.info&random=4150952158406&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
cd90c1ebcb1a32739ead6d02cbfbc1f9813a83a398f6d810b9410159bc3d3ab3

Request headers

Host
hal900029.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=ac00bd31f7be3242
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Thu, 04 Mar 2021 13:41:15 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 04 Mar 2021 13:41:15 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1224
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9DF7 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 03 Mar 2021 15:30:58 GMT
expires
Thu, 04 Mar 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
79817
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E173 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f73aa933bf967c43fe99a3d10e2d0840500795231852f28d1b3e07ef1f03e06e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 13:41:15 GMT
server
ESF
date
Thu, 04 Mar 2021 13:41:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 13:41:15 GMT
S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 9903 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97357500141172000951407011523029&a=d39e1b15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.138.57.20 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:15 GMT
Last-Modified
Tue, 24 Jul 2018 05:08:58 GMT
Server
nginx
ETag
"5b56b46a-1348d"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
78989
viewability
hal900029.redintelligence.net/ Frame 9903 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=97357500141172000951407011523029&a=8b81f9a6&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97357500141172000951407011523029&a=d39e1b15
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900029.redintelligence.net/request_content.php?s=97357500141172000951407011523029&a=d39e1b15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:15 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 9903 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9DF7
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEzJBQWfDZ8cv1jYXDbfQeI&google_cver=1&google_push=AQvitULrZcpY5UfxuGWRSv4Fnux89kQMilWExQruSz6Slofk-K7XEA67yVW4myNoz-FYEX-VMZNext6k4C65N9fa1mehYCMy2wBE
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VFekpCUVdmRFo4Y3YxallYRGJmUWVJ
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VFekpCUVdmRFo4Y3YxallYRGJmUWVJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:14 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VFekpCUVdmRFo4Y3YxallYRGJmUWVJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DF7
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJlGHImkIF5Nsy-tWzaBKzY02eihV4syEAz7i22ovL0rPPJxn3Ke4-gqiIE1HfiMsJ0CAP1D0nQpOCjDUk6GhSQK8IC328R&google_gid=CAESEE70E4URsWpG0Vz1l976tRQ&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPvGg4IGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVKbEdISW1rSUY1TnN5LXRXemFCS3pZMDJlaWhWNHN5RUF6N2kyMm92TDByUFBKeG4zS2U0LWdxaUlFMUhmaU1zSjBDQVAxRDBuUXBPQ2pEVW...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQTAtVmVmOWRiLTZqRGMwX01PWm14ckpUYmZXQktPSjdBVzZHakY3YWNIcw==&google_push
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQTAtVmVmOWRiLTZqRGMwX01PWm14ckpUYmZXQktPSjdBVzZHakY3YWNIcw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Mar 2021 13:41:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQTAtVmVmOWRiLTZqRGMwX01PWm14ckpUYmZXQktPSjdBVzZHakY3YWNIcw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9DF7
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJAle4P...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU1OTYyNTM3NjMyMDkwNw%3D%3D&google_push=AQvitUJAle4Ppq2ijouwHY5SJfGhHszFgzfX7RQMQbWGz6yYxKRFOujKhAJgl5f2e944lN...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU1OTYyNTM3NjMyMDkwNw%3D%3D&google_push=AQvitUJAle4Ppq2ijouwHY5SJfGhHszFgzfX7RQMQbWGz6yYxKRFOujKhAJgl5f2e944lNjdRj-JsKoYJNYH2t-f9zWf3OEZrC8
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDQxMzQxMTU1OTYyNTM3NjMyMDkwNw%3D%3D&google_push=AQvitUJAle4Ppq2ijouwHY5SJfGhHszFgzfX7RQMQbWGz6yYxKRFOujKhAJgl5f2e944lNjdRj-JsKoYJNYH2t-f9zWf3OEZrC8
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:15 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
sync
odr.mookie1.com/t/v2/ Frame 9DF7 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEE2kXMtr3ffGW69BsQWGjIw&google_push=AQvitUI4oB4jQvkx6rwdpxigDugM5jK9T6m7JIoPvRCsbsx7zUjJNdAMvk2iumQReRuhACEqHLfw0_hPApeAtjmemRZuDLJaj9C9&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DF7
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFk7jjD1Oust4nqZ1GxD1Kk&google_cver=1&google_push=AQvitUK7CMVee_SnJSxAvdeUiKJp6S5JQk8IY-sA-wLvvrN6GBaOjUm2xEb1QWY3b7SR16muB8_L52vQT1uU14GD5Rgx7AIJ-TfS
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK7CMVee_SnJSxAvdeUiKJp6S5JQk8IY-sA-wLvvrN6GBaOjUm2xEb1QWY3b7SR16muB8_L52vQT1uU14GD5Rgx7AIJ-TfS&google_hm=CWPN4btpz90OxN0b1fe8IA==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK7CMVee_SnJSxAvdeUiKJp6S5JQk8IY-sA-wLvvrN6GBaOjUm2xEb1QWY3b7SR16muB8_L52vQT1uU14GD5Rgx7AIJ-TfS&google_hm=CWPN4btpz90OxN0b1fe8IA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK7CMVee_SnJSxAvdeUiKJp6S5JQk8IY-sA-wLvvrN6GBaOjUm2xEb1QWY3b7SR16muB8_L52vQT1uU14GD5Rgx7AIJ-TfS&google_hm=CWPN4btpz90OxN0b1fe8IA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
pbts8t3rkdtsr3lkjo6odfdbtop09nm1
pixel
cm.g.doubleclick.net/ Frame 9DF7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECbjZcbibmCQMBbenzF7J0Y&google_cver=1&google_push=AQvitUKiUhZPB7m-JAvvAvqCyZu_vXkXDIZVRwXQ8jkHtMvy7Bwi-yPrhfMSJ6I5TwN1EpFUWQd...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVWDM4VEktMS1JUUNX&google_push=AQvitUKiUhZPB7m-JAvvAvqCyZu_vXkXDIZVRwXQ8jkHtMvy7Bwi-yPrhfMSJ6I5TwN1EpFUWQdgVthN6c24Wwx4ubEBoGUde0rW
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVWDM4VEktMS1JUUNX&google_push=AQvitUKiUhZPB7m-JAvvAvqCyZu_vXkXDIZVRwXQ8jkHtMvy7Bwi-yPrhfMSJ6I5TwN1EpFUWQdgVthN6c24Wwx4ubEBoGUde0rW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVWDM4VEktMS1JUUNX&google_push=AQvitUKiUhZPB7m-JAvvAvqCyZu_vXkXDIZVRwXQ8jkHtMvy7Bwi-yPrhfMSJ6I5TwN1EpFUWQdgVthN6c24Wwx4ubEBoGUde0rW
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9DF7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEG1ryDMJgHPWXEc5GbElLU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEDjeyBZnSrgTpuPyWMdDwAABFMAAAAB&google_push=AQvitUK7ywTJ1nTHUyFvdvYGt7RMdbatNrQjLHMIPAdWsd0WeVAde4zmo6bWmliZIjWPE_95swU5vIUQd0iqu6E0mr...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEDjeyBZnSrgTpuPyWMdDwAABFMAAAAB&google_push=AQvitUK7ywTJ1nTHUyFvdvYGt7RMdbatNrQjLHMIPAdWsd0WeVAde4zmo6bWmliZIjWPE_95swU5vIUQd0iqu6E0mrJzTkq7iFLp&google_cver=1&google_gid=CAESEEG1ryDMJgHPWXEc5GbElLU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEDjeyBZnSrgTpuPyWMdDwAABFMAAAAB&google_push=AQvitUK7ywTJ1nTHUyFvdvYGt7RMdbatNrQjLHMIPAdWsd0WeVAde4zmo6bWmliZIjWPE_95swU5vIUQd0iqu6E0mrJzTkq7iFLp&google_cver=1&google_gid=CAESEEG1ryDMJgHPWXEc5GbElLU
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Thu, 04 Mar 2021 13:41:15 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9DF7 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOrQ2zSZBQdWlsKO1V2o3gBmUyJgMfRm-5gETJHpp_OkNNVjCUdIw18FSkSobJTq4gqBBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1614865271&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&dt=1614865271232&bpp=1&bdt=541&idt=479&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=192&ady=371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OR6dYg6VG9&p=https%3A//newsyou.info&dtd=484
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6216 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=3568711555965214&bg=!-fql-rnNAAWsVXnBrDsAKQB2-Dxa72MACGrGXPbyzFtLtbKK_Pzfkzic8fP6v_HbgTxAA7ahCb91AgAAAUNSAAAAKmgBBwoBG-kt-QIK8fphswCF_KzOFMZNf6K7bPYQgdci38Edjjt1DdmVY2nc84d9XhPHUgGnfEe1U6cXB7uSBid2ZzO9ONTz6rI8O_iasbSZpQVj1ZFFpBepmestwaRMe-LjWJJZcjtd3FCWqQ2roFwoUAUheb3eR00yjaK7RNAJrXNS6Fx3OpmKOY0HjTB8qLnET4rUxtyrFpBzlufhjuor7SrKUEW88KZIAXuStar7YEhB58k7NRD4rdT5krrj2I5Vuw1F6PPGuayCz1oSbhGzqmJFRc_o9Djji8zzTYBRE74rBn9JdIVsLr5HKjt4ia6YenvJd3a1c6I8kJMiNiHarGnwNEGTlaMtQFFd-MUgfAHCZsgmi4nWDr4hYlbpaS6ZAdk61MKknNRo3QvK7QZAPzSpvou-uBNky9UhlWoV1VjENRMpOYPQepHBMQcsBkMTCVQr65aX_TeI-2C-Jt8bTN2DliRLAZRq1l6Ah4phxbM3jP9AulBaJXVG1HZPf1SfvIcu51B-fzOeox2bdNbziewPLiwdEcOg3zJX76aS-sBA9EAxaCPRpdTnoluiGDfeJ2VBXtqPgHov9NrTDE3Cvhfcdg4cCG0Vky3TkrLFQ1CE20Dtri9BmhpQyHklGopnmTJCuFa77ggsqpRqkgczstC13qs2sEVUr4hDtzLZzHfjxhL_axogRtypbFosnyDFxX6bMPdREIk8if05tZDVQAj7ew7tYlK9rQqv4H2CU_CGMALbAnGJsn_3O-LcfpopO_kkhECtphebXKYB8suEo1K5GCzI8OtPNaxp0x0eig27QUOv7SbLmyRiPypYv3v9FS3RgjQtMcC-DzWx_aTIv7XBGGEFveEZ-xIGEyCuSUyMr5Yn0hTSjzUU5wQW_8izKIQ5DWqsU2ZkQ9slkdLfmKSzwKeymt3goBKYZg54SXP01fGDHFW2fB1Br7RXsdSKfJbRUZinTdYzWrbRSGeZExH47JsLmTeR6xDdZC0LJgqvokZHklkQ3tKc-A
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
m.mixadvert.com/show/load/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7882&id_name=GGcBq&teaser_name=ilFpbSF&block_name=GQNFYH&ban_teaser=&r=0.8554419348775326&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7882&r=0.7157739339320963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
770c6527ddfd45036db941da16f1cd0d78e301db5a59b5bf46b20e2c9d734bc2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C6A 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=3713751079219583&bg=!dXaldjXNAAWsVXnBrDsAKQB2-Dxa5uzecmzXbHHPmlsCEWI5O3oNB0xTpdcYuIRqQzdD9RI6kH5EAgAAAVpSAAAAU2gBBwoAsC4AlSACVDMUeLFfIuSm1pCjTuOfYobXN3O8bu9F3HfLpCDf56PmgqOcLgg9c_fcQzkGHziumIa9gJE_bAFxiJBzWF40GbaU8kye1oXhCJGA6vf8te4oxMPUY73OeS8yWeOV3iKEzMAoIX5Y56Of4TbhheWAMu8SarNf_hzvFFSvOGEAvYtn68ZZxmrCncxAvzhPXLHocK9WQO32O95TLPn6cwPRn8gWXpZyQQYXo4uImQHYtULYW1b9pwhPDWsR8_paqYvYS1OyXNSoOEy4XGSUeY6vK1QAYhDOPW-1afQTZhfh4NKIuK4-0gGbJVKBhbPdHksgLuJWJ8-tV5m9cCMNUmoBIOULZDkQuPvlVUSGFPr9pI9tA-cnadEbeFhGtKf9mxpKXLb2p1-Id-16MtN464v751HVrs5sgZ73xhe9g52c74pQxnBMNauTCNqOc4fLOcRJhf-QLv35A73gMGykS8fenkZEH14E0ogXdwWns1ffuUuj6kqEaDhtejnA3XDpjflVwWzq3qapGLTevHbzCjXlDfBRAKLoQ2UEKr02GQ3Pi63F8XdUE_4Y7oL58CwlVGrVA1gtLxGQhNRafl1WxCkNJCa5PERpGU-SVRzfLO-RdlCykP7Nt1RuQHST1X3Rw4WeX5DHQmPmlGOdtzkMaoI-Scolabn74nr4EUU7P64ID8MZcxIEMdiJ-I147ThbHVspgzAtFEBF-_KlTB_XA-uVDgisNM4YdPguALC0zIbuWMtfvOpoivWUvWEcDi3BpmxWG9ucGS6KDfBDbopeecU850k_blTMe76LrtS4YA0pJEJYQvJVC6PoXBgIpvJyrskd-a2TdGMcTQ44F3rtZno_DQBNp4pbLQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1867 		156 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_newsyou.info_video&description_url=https%3A%2F%2Fnewsyou.info&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=866762945433602&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3122588904&sdk_apis=2%2C8&sid=DE8075F6-2E9C-4F26-937E-9A77C8D6CFE3&eid=21069903&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&dt=1614865275501&cookie=ID%3Dd180bf9febf395e9%3AT%3D1614865271%3AS%3DALNI_Ma1gl2qnJBiFr--HYJCrNhhFiVj2Q&scor=2929061288462125&ged=ve4_td1_tt0_pd1_la1000_er1464.175.1614.475_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7B5D 		156 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2Fnewsyou.info%2Fnewsyou.info_video&description_url=http%3A%2F%2Fnewsyou.info&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3136389996354322&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=554478561&sdk_apis=2%2C8&sid=04768DC4-BEF6-4772-9757-3A3DE2E841E7&eid=420706098&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&dt=1614865275505&cookie=ID%3Dd180bf9febf395e9%3AT%3D1614865271%3AS%3DALNI_Ma1gl2qnJBiFr--HYJCrNhhFiVj2Q&scor=494139605134006&ged=ve4_td1_tt0_pd1_la1000_er1464.175.1614.475_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 82DA 		156 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21750935102%2Fmirs_li%2Fnewsyou.info&description_url=https%3A%2F%2Fnewsyou.info&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=280654664110994&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=531228736&sdk_apis=2%2C8&sid=A3777D61-4678-4D5E-A5D2-222302EF0885&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&dt=1614865275508&cookie=ID%3Dd180bf9febf395e9%3AT%3D1614865271%3AS%3DALNI_Ma1gl2qnJBiFr--HYJCrNhhFiVj2Q&scor=4259949623139423&ged=ve4_td1_tt0_pd1_la1000_er1464.175.1614.475_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
data.24smi.net/ 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.24smi.net/collect?obj=13248&template_id=1282&teaser_ids=3341633&t=1614865271267
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN (),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
cache-control
no-store
last-modified
Thursday, 04-Mar-2021 13:41:15 GMT
server
nginx
content-length
43
content-type
image/gif
adponegeneral1.js
s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/ Frame F224 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.108.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26e3ca7ea4955ef0f3add437f13b70cb0bff94ded5d99bb5933e80bf1ade44bb

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:16 GMT
Last-Modified
Sat, 09 May 2020 19:50:28 GMT
Server
AmazonS3
x-amz-request-id
53C46A0C6B974690
ETag
"7dad9c68594fb00fa58b39bd12fa9bd7"
Content-Type
application/javascript
x-amz-version-id
XMyhwwsyMGw6DDQEw4ew8Gi.MqWzp_7V
Accept-Ranges
bytes
Content-Length
7386
x-amz-id-2
TTEjDTLsen6/bymQPijuIoNegvGUthTFIso7E2PifaSScb0edasL9NrN1FXTK5ywZISQAas18Yw=
/
m.mixadvert.com/show/load/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7880&id_name=oHqbi&teaser_name=EEaGSRh&block_name=DkfNba&ban_teaser=&r=0.09437451109621842&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7880
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
30e595f7c8ae2b2e71843478f601ba67d6d39554a110a09d688b63563dcdb20c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
/
servicer.mgid.com/346316/ 		65 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/346316/?vast=1&w=359&h=202&pl=1&page=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&cbb=4865275868
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11b3e500000c8559375000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ab85663fac0c85-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=newsyou.info&rs=newsyou.info&sid=90919&t=1614865274&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=359&he=202&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1614865274202-997738895741-000333-002-003630&cha=0.7&cb=36327129101&cd3=native&cd4=346316&cd1=desktop&cd6=11&cd5=48555bef-7cef-11eb-b15f-d094662f8ab5&cd2=0&d9=1000&AV_WIDTH=359&AV_HEIGHT=202&nid=5ac2203f073ef46a6856c7b0&ncid=5c76455c073ef42c784ad54f&e=request&cb=1614865275869&asid=5e4676ba28a06144b256e7b2%2C5e8b5435c39a31348d329cf4%2C5eb16bf9336e195304626376%2C5f98323eb57e22303c5a0ff8&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.198.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid.js
hb.adpone.com/ Frame F224 		327 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid.js
Requested by
Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2004
content-type
application/javascript
x-amz-request-id
6E02F583733835F3
x-amz-id-2
MaZu06aUh8BfpsD8N/YB/d0HL34eRqe/WmE9V3LjE/3TGv6HbI2tmHbxvnBbONrckfDLnTJdjkQ=
last-modified
Thu, 08 Oct 2020 08:58:50 GMT
server
cloudflare
etag
W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qO67oDnSQcNPwbQt1brxFpe1tmYI3iVRO4mE3dwGJ4KsuM8VJqshnknVkmpjCVBR8QJkiNco1nwtnlGPPD4WZnm66zLjt8HF2asmNoGOO%2BOt%2FY7VrPkC4ne2"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control
max-age=14400
cf-request-id
089f11b3e4000006056311d000000001
cf-ray
62ab85663d3f0605-FRA
arj
adpone-d.openx.net/w/1.0/ Frame F224 		172 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=e89d1ece-f3bf-4787-950d-58b251a69182&nocache=1614865275939&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C1992%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1614865275874&auid=541066155
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
ce349208165750294703765b74bc2fc56f882d597695f76c27213b5b4adf06a5

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F224 		137 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a299d903d139dc0ebba9c9ace11dfc1e4210bde4102cfff971a9c5c6c07d8199
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:15 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid
898a08f0-1441-4ea2-b4f7-a43c7419839e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newsyou.info
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F224 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1699154&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!adpone.com,1992,1,,,&rf=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=e89d1ece-f3bf-4787-950d-58b251a69182&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7575396356932549
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7b3a9d3a8fc946cd069dba67e3faa2acc1e463ddbcebde7f362be442db430215

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://newsyou.info
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame F224 		975 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
cd704d1b9d4a086adeb2118cf5d2484c2dc25e82fe9a1aeb99cb64872491eb4b

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b1%3b53
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://newsyou.info
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
translator
hbopenbid.pubmatic.com/ Frame F224 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 04 Mar 2021 12:58:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=newsyou.info&rs=newsyou.info&sid=90919&t=1614865274&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=359&he=202&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1614865274202-997738895741-000333-002-003630&cha=0.7&cb=36327129101&cd3=native&cd4=346316&cd1=desktop&cd6=11&cd5=48555bef-7cef-11eb-b15f-d094662f8ab5&cd2=0&d9=1000&AV_WIDTH=359&AV_HEIGHT=202&nid=5ac2203f073ef46a6856c7b0&ncid=5c76455c073ef42c784ad54f&e=bid&cb=1614865275950&asid=5e4676ba28a06144b256e7b2%2C5e8b5435c39a31348d329cf4%2C5eb16bf9336e195304626376&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.198.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3BA4 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:15 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8040 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:15 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BABF 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:15 GMT
adponegeneral040.js
s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/ Frame 0458 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral040.js
Requested by
Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.108.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28dbb07338d3da53dded0c412a60bc485bf9e4313cd660d147b6883fe1812ab2

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:17 GMT
Last-Modified
Sat, 09 May 2020 19:46:49 GMT
Server
AmazonS3
x-amz-request-id
EWAG6S7Y1HDM0G6M
ETag
"415057e7cb42c8722ffcad2c10947985"
Content-Type
application/javascript
x-amz-version-id
CX9eJEAtZXDaRBFa5IbF8xKYfTA4Hcr1
Accept-Ranges
bytes
Content-Length
7463
x-amz-id-2
uDSwJToD6TIdnYWPxUV7Wn9KGk9mYLKbD0gWm5JrxSGl6jDVhI3Fqn2qqE43TSllnHZtuRSZQHg=
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 7A92 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
155090
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 3BA4 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:16 GMT
integrator.js
adservice.google.com/adsid/ Frame 3BA4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame E785 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
155090
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame BABF 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:16 GMT
integrator.js
adservice.google.com/adsid/ Frame BABF 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 61AB 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
155090
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 8040 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:16 GMT
integrator.js
adservice.google.com/adsid/ Frame 8040 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2A30 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
312
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 04 Mar 2021 14:36:04 GMT
prebid.js
hb.adpone.com/ Frame 0458 		327 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid.js
Requested by
Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2005
content-type
application/javascript
x-amz-request-id
6E02F583733835F3
x-amz-id-2
MaZu06aUh8BfpsD8N/YB/d0HL34eRqe/WmE9V3LjE/3TGv6HbI2tmHbxvnBbONrckfDLnTJdjkQ=
last-modified
Thu, 08 Oct 2020 08:58:50 GMT
server
cloudflare
etag
W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BS8xeaM8CY8iIQhVx7XqaW9iEMtJrB894ptFpArpoY5joo9LrPXhdRascfLqxxBzAeMNRGY5qqAhJwOhM6KeUCjjMfoqAkBDecFoLho6fdUVUg%2BkGDCzGjT2"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control
max-age=14400
cf-request-id
089f11b4ee000006055e1f5000000001
cf-ray
62ab8567efdc0605-FRA
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CF5E 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
312
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 04 Mar 2021 14:36:04 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5D89 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
312
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 04 Mar 2021 14:36:04 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 0458 		172 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=a4c07c72-15f1-4609-aa20-1000447a2550&nocache=1614865276218&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1614865276138&auid=541066156
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
b661f6937b1215fee1a2217628729748102cc6d2037d1b2b5298a5b7e482852e

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 0458 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 04 Mar 2021 13:31:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 0458 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
247e7139df888b6229896c7d5b89dc8268a6d538bfb10dd3b7a20b98fdc32c60

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:15 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b13%3b98
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://newsyou.info
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0458 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1699156&size_id=15&p_pos=atf&gdpr=0&rf=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=a4c07c72-15f1-4609-aa20-1000447a2550&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7423647352014828
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1160dfaf455b749a38394ba516241c53d8c3f8101a6b8bd7a15b406381f738c0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:16 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://newsyou.info
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 0458 		19 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:16 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid
ed06aa5a-2659-4f7c-86d0-3c5ffd65ae5f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newsyou.info
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E173 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEJ1hygMJkxo3pA5OgP4KACpj6Aon5iKyn5x1zbSY7MsV3Wp1MwaLLY7Ie0lELPxmb91InyN2_ULK18sfOJZCMe2VRyMY07A&sig=Cg0ArKJSzJhKWvc8HzFQEAE&cid=CAASF-RoOTWqTTMEILgG97CB126KAVgQn-iB&id=osdim&mcvt=1010&p=371,312,651,648&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1966935994&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614865271728&dlt=818&rpt=132&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adidas_300x250.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame E22B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/adidas_300x250.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/fotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.108.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:17 GMT
Last-Modified
Sun, 23 Sep 2018 17:44:28 GMT
Server
AmazonS3
x-amz-request-id
001239D18CA31527
ETag
"702b3e474e01427f8af949cf0c7fbd69"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
26619
x-amz-id-2
BS8SPF78eeWKtDjjG4T25qGnc+qoVr4/w2LEYXlDxnE4YDEyumOIE8s66JRUlbYparUvAd8pbz8=
viewability
hal900029.redintelligence.net/ Frame 9903 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=97357500141172000951407011523029&a=8b81f9a6&vb=v
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97357500141172000951407011523029&a=d39e1b15
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900029.redintelligence.net/request_content.php?s=97357500141172000951407011523029&a=d39e1b15
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:16 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
ads
pubads.g.doubleclick.net/gampad/ Frame 7A92 		68 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21750935102%2Fmirs_li%2Fnewsyou.info&description_url=https%3A%2F%2Fnewsyou.info&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3502472469641219&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=1079455602&sdk_apis=2%2C8&sid=B1704B22-F294-4F2F-A40F-792F832D1D69&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&dt=1614865276399&cookie_enabled=1&scor=3323885104937946&ged=ve4_td0_tt0_pd0_la0_er1464.175.1614.475_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0c74084710ab5ef598bb991211da28e7a3a7cd4233d00d68a7d3326f44b135be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14279
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E785 		156 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_newsyou.info_video&description_url=https%3A%2F%2Fnewsyou.info&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=547048338938029&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=1668553446&sdk_apis=2%2C8&sid=E5CD4C1A-516C-42A5-8E5B-2C1C20AD930E&eid=44729226%2C44730612&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&dt=1614865276402&cookie_enabled=1&scor=2001734012899192&ged=ve4_td0_tt0_pd0_la0_er1464.175.1614.475_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 61AB 		70 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2Fnewsyou.info%2Fnewsyou.info_video&description_url=http%3A%2F%2Fnewsyou.info&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3548034249156700&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2805667726&sdk_apis=2%2C8&sid=AEEEF192-BDE4-4684-BD27-7BEFEF4AF427&eid=44725356%2C44728150&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&dt=1614865276407&cookie_enabled=1&scor=1937899371447127&ged=ve4_td0_tt0_pd0_la0_er1464.175.1614.475_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
5d0480011b8f6b731af7cb95aa86cbfe7a64cea5078e2fc53d7f6dcc6202e020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210302&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bf2a2194d9e88ac05d94c907c89c36a9d065270f1dd3ad8258f6c752e37bc01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6498
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 04 Mar 2021 13:41:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame B35E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Thu, 04 Mar 2021 13:23:24 GMT
expires
Fri, 04 Mar 2022 13:23:24 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1072
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame B35E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
236917
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=newsyou.info&rs=newsyou.info&sid=90919&t=1614865274&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=359&he=202&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1614865274202-997738895741-000333-002-003630&cha=0.7&cb=36327129101&cd3=native&cd4=346316&cd1=desktop&cd6=11&cd5=48555bef-7cef-11eb-b15f-d094662f8ab5&cd2=0&d9=1000&AV_WIDTH=359&AV_HEIGHT=202
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.198.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 04 Mar 2021 13:41:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
c.mgid.com/vs/ 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=1725&iid=346316&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%2248555bef-7cef-11eb-b15f-d094662f8ab5%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%7D&t=0&c=20174&h=BzU5dMuZ_ZITwt7ce3vz8ilQbH98SeqE8SzmpX4Rb6Iz1d8buv6WV47APvmJpdw3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62ab856b1aa50c85-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089f11b6ea00000c85e1226000000001
truncated
/ 		581 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210302&jk=4296289433420388&bg=!Y2ClYCPNAAWsVXnBrDsAKQB2-Dxahwislk79beimyD7gKKyNoOOCSf5juS6D5oyVUp_hFJ6VL2pTAgAAAIJSAAAAEGgBBwoARKrBdp4-QN_wmOL7UvT4w3lNM7MhqtYv9s_7Ws7YCf0FMAawJGUdDSMLcKlI78LZR4Aue30yLKqAlwqfLRO6uuRKfNlvmQHOpEMAzUoA0HTPQdgkY4EPV7Vjv09BL-wH3O3zlQu4lJbDJaf4jLzqIG4OpntOQ2twlDFPErMdSyrERiUbs_QKxeyrdK_B0kjSfPRm7G18C5t1Yl9dKCpFsGHwX9GBS7p7LVxQdw-VMRkvPmq7HibOwBudU5vGCpaYnClTpIkWq0Rutnai3y48QGK0bQggz74F3NTL2HU0DCh7hW0Fj268cWZiOQk9k9Px2teHS45YaGKZg6P4NAT0lTDg7b4NZdeg7U8S1q3l1rlQdokusVvk2a-tCw5booAtExHy4uWsBd9KEjX41Mn0KerqNFwjFodRzfCfGQJAEOUSZ_QCu46alURbFGfS6BjDfjLnBG0Mubyfd72BnuW1Dm_cK0aoy5mvG4bylzV9HIQFDm3WyvNwj44GrJv_YYY-p_keONfQnbCfF-kIB5hEXRRRTvIJQHSycg2TbH30cZkOE-mWMQAuOQnF90VO_J-V21IShqER2FNKRV90JzffTDYOG9CMGHqc_jTxNG5ok-xUjfoDww2DEYrr1NPvFvPQgLGR3NQ4EUnjoh5P_K2tbSfn6pQyc4jACjJNe3qagq7QzOOATMMeoiafZBunkRjZ2oG94ibO
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame CEFF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 04 Mar 2021 13:41:18 GMT
Age
28237
X-Served-By
cache-lga21981-LGA, cache-fra19124-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 244176
X-Timer
S1614865279.793881,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CB6C 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Mar 2021 13:41:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D1CB 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=34111
Expires
Thu, 04 Mar 2021 23:09:49 GMT
Date
Thu, 04 Mar 2021 13:41:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame 6DB1 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1613661331.105246"
Last-Modified
Thu, 18 Feb 2021 15:14:17 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Thu, 04 Mar 2021 13:41:18 GMT
Content-Length
445
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame F9D0
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
7f70ebaf7ea9939bfa5120cd44f0f584011a01bdcb37c02d9aa368035d40c96e

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; Version=1; Expires=Fri, 04-Mar-2022 13:41:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614865278|gekin0vNiygu; Version=1; Expires=Fri, 19-Mar-2021 13:41:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 04 Mar 2021 13:41:18 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; Version=1; Expires=Fri, 04-Mar-2022 13:41:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
date
Thu, 04 Mar 2021 13:41:18 GMT
content-length
0
via
1.1 google
alt-svc
clear
usync.js
eus.rubiconproject.com/ Frame CB6C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1dcacffd5056e8521c39d12085fe6a73b310f80bd764e77e067ff15b49a715d3

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26236
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Thu, 04 Mar 2021 20:58:34 GMT
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 6DB1 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9E) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:18 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:14:17 GMT
server
ECS (amb/6B9E)
age
80700
etag
"f720a7f2a8432d0f18de76239266413f:1613661329.433766"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 6DB1 		74 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA3) /
Resource Hash
c6519d6a796a5ef0daa0e7628812ffc354d25635216b7aaafda7cd58a958dc6f

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:18 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:13 GMT
server
ECS (amb/6BA3)
age
80331
etag
"76c4b2e4d7cfc32ed3d0fd0e8507a2b5:1613661331.820325"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
3527
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 6DB1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B77) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:18 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:14 GMT
server
ECS (amb/6B77)
age
80696
etag
"5c225f0da4164867a9eba01d527131e3:1613661330.299947"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 6DB1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:18 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:15 GMT
server
ECS (amb/6B74)
age
80700
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1613661330.71025"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
sd
eu-u.openx.net/w/1.0/ Frame F9D0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b1b86040-e37e-4000-9b7f-849ded250fa0
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b1b86040-e37e-4000-9b7f-849ded250fa0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 04 Mar 2021 13:40:51 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b1b86040-e37e-4000-9b7f-849ded250fa0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Mar 2021 13:40:50 GMT
sd
us-u.openx.net/w/1.0/ Frame F9D0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=pKXUHPem10m_9tNN8KDNGvDw1km_8YEdo_OXUWTA
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=pKXUHPem10m_9tNN8KDNGvDw1km_8YEdo_OXUWTA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=pKXUHPem10m_9tNN8KDNGvDw1km_8YEdo_OXUWTA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F9D0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216364356457010396
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216364356457010396
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216364356457010396
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame F9D0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=ed2049fc-a1e8-3558-7785-a72d2b155b67&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.253.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-253-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F9D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE0ZjlhMzYtNjg5Zi02YmZjLTYyNjUtZmQ5NGUxZjc5NTA3
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE0ZjlhMzYtNjg5Zi02YmZjLTYyNjUtZmQ5NGUxZjc5NTA3&google_tc=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE0ZjlhMzYtNjg5Zi02YmZjLTYyNjUtZmQ5NGUxZjc5NTA3&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE0ZjlhMzYtNjg5Zi02YmZjLTYyNjUtZmQ5NGUxZjc5NTA3&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F9D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN8uOmfWvNKVx5zYutztFm0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN8uOmfWvNKVx5zYutztFm0&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN8uOmfWvNKVx5zYutztFm0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D1CB 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
adf38216e8c1a7dbb2efc8bd198bbc8b28cb70b299fa3ce35f6b9fd55b3e072e

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:22 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bounce
ib.adnxs.com/ Frame CEFF
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:18 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.76:80
AN-X-Request-Uuid
4d250643-4555-42f8-b42c-5ca2729fe9f0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:18 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid
93a215f7-f85e-4021-9b83-50800de9b861
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 5637 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 04 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1254
date
Thu, 04 Mar 2021 13:41:18 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 73A1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6948537625980446964
42 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6948537625980446964
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; PugT=1614865279; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_336=5844-6948537625980446964; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PugT=1614865279; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:19 GMT; path=/
X-lat
Pug23027:0:427
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6948537625980446964
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 649B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNkwwN0FnY2NBQUEtNXJscUtoZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE6L07AgccAAA-5rlqKhg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8213807083228411280
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAE6L07AgccAAA-5rlqKhg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D8213807083228411280%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=8213807083228411280&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAE6L07AgccAAA-5rlqKhg&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE6L07AgccAAA-5rlqKhg
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE6L07AgccAAA-5rlqKhg
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0; KRTBCOOKIE_391=22924-5340075711674575271; KRTBCOOKIE_22=14911-7986630435418036215; KRTBCOOKIE_377=6810-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&22918-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&23031-5091babd-22b7-4e6a-8fe6-f9fdce64388d; KRTBCOOKIE_80=16514-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&22987-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&23025-CAESEN3rlNqHa-5tulouuaVjKxs; KRTBCOOKIE_57=22776-950601676653127639; KRTBCOOKIE_153=19420-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w&KRTB&22979-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w; PugT=1614865279; KRTBCOOKIE_107=1471-uid:OWqa8W8g1LhOeb5; KRTBCOOKIE_336=5844-6948537625980446964; KRTBCOOKIE_188=3189-no-consent
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 04 Mar 2021 13:41:19 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AAE6L07AgccAAA-5rlqKhg; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PugT=1614865279; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:19 GMT; path=/
X-lat
lhrpug019:0:415
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE6L07AgccAAA-5rlqKhg
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 1C53
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935793556483864722
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935793556483864722
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 04 Mar 2021 13:41:19 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6935793556483864722; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PugT=1614865279; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:19 GMT; path=/
X-lat
lhrpug001:0:537
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 04 Mar 2021 13:41:18 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6935793556483864722; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935793556483864722
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 5E51
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rlh2o3d2ezcMAbeqkDqbWak1
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rlh2o3d2ezcMAbeqkDqbWak1
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 04 Mar 2021 13:41:19 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PugT=1614865279; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:19 GMT; path=/
X-lat
lhrpug004:0:709
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 04 Mar 2021 13:41:18 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=Rlh2o3d2ezcMAbeqkDqbWak1; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rlh2o3d2ezcMAbeqkDqbWak1
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 15C0
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 04 Mar 2021 13:41:18 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:18 GMT; path=/ PugT=1614865278; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:18 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:18 GMT; path=/
X-lat
lhrpug016:0:485
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Thu, 04 Mar 2021 13:41:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, must-revalidate
Expires
0
Pragma
no-cache
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
ETag
OPTOUT
bridge
cm.adgrx.com/ Frame C84B 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 04 Mar 2021 13:41:18 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame EA72
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=axnoeUsKBRwFmDqS86kuMKTEjlMTBcwDUhmlAovN
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d45608aa99e66495348ad1db72b4fd7d31614865279; expires=Sat, 03-Apr-21 13:41:19 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aynseFRwEfFS2QVormfeK3RTuJnncJWJci5r2jbUKfFdjGOqbSDcwGy3t08gZa5rPV8y63J3KjrU87DexoZa2s; path=/; domain=.tribalfusion.com; expires=Wed, 02-Jun-2021 13:41:19 GMT; SameSite=None; Secure; ANON_ID_old=aynseFRwEfFS2QVormfeK3RTuJnncJWJci5r2jbUKfFdjGOqbSDcwGy3t08gZa5rPV8y63J3KjrU87DexoZa2s; path=/; domain=.tribalfusion.com; expires=Wed, 02-Jun-2021 13:41:19 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
089f11c0a80000c28b7699a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62ab857aaedec28b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-type
text/html
set-cookie
__cfduid=d998304cf65d18d57f3c6f495bf81b79e1614865278; expires=Sat, 03-Apr-21 13:41:18 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=axnoeUsKBRwFmDqS86kuMKTEjlMTBcwDUhmlAovN; path=/; domain=.tribalfusion.com; expires=Wed, 02-Jun-2021 13:41:19 GMT; SameSite=None; Secure; ANON_ID_old=axnoeUsKBRwFmDqS86kuMKTEjlMTBcwDUhmlAovN; path=/; domain=.tribalfusion.com; expires=Wed, 02-Jun-2021 13:41:19 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
775
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
089f11bfcf0000c28b6d0a1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62ab85794d8cc28b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame DC56
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=r3J1dIL8TJ4c&pid=557219
1 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=r3J1dIL8TJ4c&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0; KRTBCOOKIE_391=22924-5340075711674575271; KRTBCOOKIE_22=14911-7986630435418036215; KRTBCOOKIE_377=6810-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&22918-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&23031-5091babd-22b7-4e6a-8fe6-f9fdce64388d; KRTBCOOKIE_80=16514-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&22987-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&23025-CAESEN3rlNqHa-5tulouuaVjKxs; KRTBCOOKIE_57=22776-950601676653127639; KRTBCOOKIE_153=19420-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w&KRTB&22979-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w; PugT=1614865279; KRTBCOOKIE_107=1471-uid:OWqa8W8g1LhOeb5; KRTBCOOKIE_336=5844-6948537625980446964; KRTBCOOKIE_188=3189-no-consent
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:19 GMT; path=/
X-lat
Pug23022:0:2268
Content-Length
1
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
text/html; charset=utf-8

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-srcmc
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=r3J1dIL8TJ4c&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=283fb6a45175e32a; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame D9B3
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
76 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 varnish
x-served-by
cache-hhn11582-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1614865279.006571,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 04-Mar-2022 13:41:18 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 04 Mar 2021 13:41:18 GMT
via
1.1 varnish
x-served-by
cache-hhn11582-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1614865279.973229,VS0,VE9
x-vcl-time-ms
9
content-length
0
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame A86F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OWqa8W8g1LhOeb5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OWqa8W8g1LhOeb5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; PugT=1614865279; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 04 Mar 2021 13:41:19 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:OWqa8W8g1LhOeb5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:19 GMT; path=/ PugT=1614865279; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 13:41:19 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:19 GMT; path=/
X-lat
lhrpug008:0:588
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Thu, 04 Mar 2021 13:41:18 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OWqa8W8g1LhOeb5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=OWqa8W8g1LhOeb5; Domain=.w55c.net; Expires=Mon, 04-Apr-2022 13:41:19 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 03-Apr-2021 13:41:19 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
check
pixel.tapad.com/idsync/ex/receive/ Frame 0B12
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56504918&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1614865281563; TapAd_DID=4e2e7eb2-7cef-11eb-b5ec-fa0d99bcfabb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 04 Mar 2021 13:41:21 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 04 Mar 2021 13:41:21 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1614865281563;Expires=Mon, 03 May 2021 13:41:21 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=4e2e7eb2-7cef-11eb-b5ec-fa0d99bcfabb;Expires=Mon, 03 May 2021 13:41:21 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D1CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=crUiTJ1GS-eaNz9c0SweLQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=39641
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 05 Mar 2021 00:41:59 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D1CB 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62ab85795e154e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
089f11bfd500004e9dd1013000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame D1CB
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:17 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:17 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&addseg=17
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&addseg=17
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:21 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 04 Mar 2021 13:41:18 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&addseg=17
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzJCNTIyNEMtOUQ0Ni00QkU3LTlBMzctM0Y1Q0QxMkMxRTJE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
X-lat
Pug23024:0:296
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN3rlNqHa-5tulouuaVjKxs&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN3rlNqHa-5tulouuaVjKxs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:18 GMT
X-lat
Pug23029:0:338
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN3rlNqHa-5tulouuaVjKxs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D1CB 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 03 Mar 2021 13:41:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5340075711674575271
42 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5340075711674575271
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:17 GMT
X-lat
Pug23040:0:319
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5340075711674575271
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b1b86040-e37e-4000-9b7f-849ded250fa0&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b1b86040-e37e-4000-9b7f-849ded250fa0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
X-lat
lhrpug004:0:776
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 04 Mar 2021 13:40:51 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b1b86040-e37e-4000-9b7f-849ded250fa0&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Mar 2021 13:40:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5091babd-22b7-4e6a-8fe6-f9fdce64388d
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5091babd-22b7-4e6a-8fe6-f9fdce64388d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
X-lat
lhrpug005:0:620
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5091babd-22b7-4e6a-8fe6-f9fdce64388d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=950601676653127639&gdpr=0&gdpr_consent=
42 B
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=950601676653127639&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:18 GMT
X-lat
Pug23039:0:290
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:18 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid
f6d8ce1d-81cd-48be-a549-986a14c24669
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=950601676653127639&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-K4tIQ7t1l2JfuA201oY27YZsG2MpRqk-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-K4tIQ7t1l2JfuA201oY27YZsG2MpRqk-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 04 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-K4tIQ7t1l2JfuA201oY27YZsG2MpRqk-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D1CB 		43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
X-lat
lhrpug011:0:433
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 04 Mar 2021 13:41:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=C7Bkmx5WQYZQOBnIwYTI9rnUq0M&user_group=1&ssp=pubmatic
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=C7Bkmx5WQYZQOBnIwYTI9rnUq0M&user_group=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=461b3516-1363-4479-8618-90b32bdd6658&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=461b3516-1363-4479-8618-90b32bdd6658&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:26 GMT
X-lat
lhrpug010:0:473
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=461b3516-1363-4479-8618-90b32bdd6658&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 04 Mar 2021 13:41:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
X-lat
Pug23024:0:321
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEDjhgAAAK6vH1LS&gdpr=0&gdpr_consent=&_test=YEDjhgAAAK6vH1LS
1 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEDjhgAAAK6vH1LS&gdpr=0&gdpr_consent=&_test=YEDjhgAAAK6vH1LS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:25 GMT
X-lat
Pug23042:0:369
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614865286.286437,VS0,VE0
x-served-by
cache-hhn4068-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEDjhgAAAK6vH1LS&gdpr=0&gdpr_consent=&_test=YEDjhgAAAK6vH1LS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
X-lat
Pug23024:0:377
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame D1CB 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fb880d4a-8beb-4915-a3d0-4a1110a690e1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fb880d4a-8beb-4915-a3d0-4a1110a690e1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:26 GMT
X-lat
lhrpug015:0:466
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fb880d4a-8beb-4915-a3d0-4a1110a690e1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 04 Mar 2021 13:41:26 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7261955433230282486
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7261955433230282486
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:24 GMT
X-lat
Pug23034:0:270
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.9:80
AN-X-Request-Uuid
88dfe53d-e119-4849-b1f3-5612fef7789c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7261955433230282486
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D1CB
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_aee1e982-0638-4174-8862-13438619d477
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_aee1e982-0638-4174-8862-13438619d477
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:26 GMT
X-lat
lhrpug008:0:552
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_aee1e982-0638-4174-8862-13438619d477
date
Thu, 04 Mar 2021 13:41:26 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1F4A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0; KRTBCOOKIE_391=22924-5340075711674575271; KRTBCOOKIE_22=14911-7986630435418036215; KRTBCOOKIE_377=6810-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&22918-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&23031-5091babd-22b7-4e6a-8fe6-f9fdce64388d; KRTBCOOKIE_80=16514-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&22987-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&23025-CAESEN3rlNqHa-5tulouuaVjKxs; KRTBCOOKIE_57=22776-950601676653127639; KRTBCOOKIE_153=19420-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w&KRTB&22979-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w; PugT=1614865279
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=34110
Expires
Thu, 04 Mar 2021 23:09:49 GMT
Date
Thu, 04 Mar 2021 13:41:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 974E 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Mar 2021 13:41:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame A31D 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1613661331.105246"
Last-Modified
Thu, 18 Feb 2021 15:14:17 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Thu, 04 Mar 2021 13:41:19 GMT
Content-Length
445
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 5A32 		498 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
411699f411079b5513ed4b81369aebaea0531d8c6666411e719ac31094006358

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; pd=v2|1614865278|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; Version=1; Expires=Fri, 04-Mar-2022 13:41:19 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614865278.1|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Fri, 19-Mar-2021 13:41:19 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 04 Mar 2021 13:41:19 GMT
content-type
text/html
content-length
317
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 633B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=950601676653127639
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 04 Mar 2021 13:41:26 GMT
Age
28245
X-Served-By
cache-lga21981-LGA, cache-fra19138-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 243249
X-Timer
S1614865286.405782,VS0,VE0
Vary
Accept-Encoding
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame A31D 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9E) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:14:17 GMT
server
ECS (amb/6B9E)
age
80701
etag
"f720a7f2a8432d0f18de76239266413f:1613661329.433766"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame A31D 		74 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA3) /
Resource Hash
c6519d6a796a5ef0daa0e7628812ffc354d25635216b7aaafda7cd58a958dc6f

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:13 GMT
server
ECS (amb/6BA3)
age
80332
etag
"76c4b2e4d7cfc32ed3d0fd0e8507a2b5:1613661331.820325"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
3527
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame A31D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B77) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:14 GMT
server
ECS (amb/6B77)
age
80697
etag
"5c225f0da4164867a9eba01d527131e3:1613661330.299947"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame A31D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:15 GMT
server
ECS (amb/6B74)
age
80701
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1613661330.71025"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
sd
us-u.openx.net/w/1.0/ Frame 5A32
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 5A32
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=MnbDwAhujHaR8eua-Axh3Q==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
hjav02f9p4dqfae6bk6m41saealoa98l

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
79e72fb8-3144-a711-4652-b1d8d442962e
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5A32 		43 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/79e72fb8-3144-a711-4652-b1d8d442962e?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5A32
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=OWqa8W8g1LhOeb5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=OWqa8W8g1LhOeb5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:18 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=OWqa8W8g1LhOeb5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5A32
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=3da06132-baad-48fa-bde4-34c1db14790a
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=3da06132-baad-48fa-bde4-34c1db14790a
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2f0c2bc8-e627-4247-b5f5-3251396859ef&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=3da06132-baad-48fa-bde4-34c1db14790a
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=3da06132-baad-48fa-bde4-34c1db14790a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=3da06132-baad-48fa-bde4-34c1db14790a
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 5A32
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE6L07AgccAAA-5rlqKhg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAE6L07AgccAAA-5rlqKhg
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAE6L07AgccAAA-5rlqKhg
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAE6L07AgccAAA-5rlqKhg
Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
usync.js
eus.rubiconproject.com/ Frame 974E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1dcacffd5056e8521c39d12085fe6a73b310f80bd764e77e067ff15b49a715d3

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26235
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Thu, 04 Mar 2021 20:58:34 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3297
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://csync.smartadserver.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pid=8213807083228411280; TestIfCookieP=ok; csync=127:AAE6L07AgccAAA-5rlqKhg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://csync.smartadserver.com/

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-type
image/gif
cache-control
no-cache,no-store
pragma
no-cache
transfer-encoding
chunked
set-cookie
csync=91:72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D|127:AAE6L07AgccAAA-5rlqKhg; expires=Mon, 04 Apr 2022 13:41:19 GMT; domain=smartadserver.com; path=/; secure; samesite=none
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Date
Thu, 04 Mar 2021 13:39:24 GMT
Content-Length
0
cm
eu-u.openx.net/w/1.0/ Frame 000A 		778 B
808 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
6490d2898ef82a7d142af8178481792700183d7d026790dc4546541bdc4a4189

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smartadserver.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; pd=v2|1614865278.1|kiiygevNgun0.mWgqsLommOns
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://csync.smartadserver.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; Version=1; Expires=Fri, 04-Mar-2022 13:41:19 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614865278.1|kiiygevNgun0.j8mWfcsHqGgqsLiSommOnsgi; Version=1; Expires=Fri, 19-Mar-2021 13:41:19 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 04 Mar 2021 13:41:19 GMT
content-type
text/html
content-length
483
content-encoding
gzip
via
1.1 google
alt-svc
clear
pixelssl.htm
ad.turn.com/server/ Frame 79EF 		408 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.turn.com/server/pixelssl.htm?fpid=33&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
61d62cea4db8470d4d47e2517c3b0e04bfd57451cdfe1b314bb7ed9ee2855747

Request headers

:method
GET
:authority
ad.turn.com
:scheme
https
:path
/server/pixelssl.htm?fpid=33&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smartadserver.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=7986630435418036215
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://csync.smartadserver.com/

Response headers

set-cookie
JSESSIONID=95533C20384BB12BD4802F221DE324D4; Path=/; Secure; HttpOnly uid=7986630435418036215; Domain=.turn.com; Expires=Tue, 31-Aug-2021 13:41:19 GMT; Path=/; Secure; SameSite=None
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
vary
accept-encoding
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Mar 2021 13:41:18 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 408D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d96c0437b9c4899aa89e369714e393905d50a548ca6544486eecdab46dd8146

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://csync.smartadserver.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YEDjf0x7ltHRTmXkMP0z0wAA; CMPS=3164
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://csync.smartadserver.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|45|230|47|105|195|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1776
Expires
Thu, 04 Mar 2021 13:41:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YEDjf0x7ltHRTmXkMP0z0wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Mar 2022 13:41:19 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 02 Jun 2021 13:41:19 GMT CMPRO=1134;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 02 Jun 2021 13:41:19 GMT CMRUM3=2f6040e37f05a0&986040e37f05a00&e66040e37f27600&2d6040e37f05a0&696040e37f05a0&c36040e37f05a00&f16040e37f05a00&276040e37f0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Mar 2022 13:41:19 GMT CMST=YEDjf2BA438A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 05 Mar 2021 13:41:19 GMT

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 04 Mar 2021 13:41:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YEDjf0x7ltHRTmXkMP0z0wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Mar 2022 13:41:19 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 02 Jun 2021 13:41:19 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=ODIxMzgwNzA4MzIyODQxMTI4MA==
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAf77HwYTfgYQeZMlQ3zeqs&google_cver=1
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAf77HwYTfgYQeZMlQ3zeqs&google_cver=1
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAf77HwYTfgYQeZMlQ3zeqs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=5091babd-22b7-4e6a-8fe6-f9fdce64388d&gdpr=1&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=5091babd-22b7-4e6a-8fe6-f9fdce64388d&gdpr=1&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=5091babd-22b7-4e6a-8fe6-f9fdce64388d&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
299
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5340075711674575271&gdpr=0&gdpr_consent=
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5340075711674575271&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
nginx
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5340075711674575271&gdpr=0&gdpr_consent=
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=b1b86040-e37e-4000-9b7f-849ded250fa0&gdpr=0&gdpr_consent=
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=b1b86040-e37e-4000-9b7f-849ded250fa0&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Thu, 04 Mar 2021 13:40:51 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=b1b86040-e37e-4000-9b7f-849ded250fa0&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Mar 2021 13:40:50 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8d4a08cb-b380-4712-9e3a-d71a01955cdd&ssp=smartadserver
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=1&user_id=8d4a08cb-b380-4712-9e3a-d71a01955cdd&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=8adb0862-3c65-4121-9ea1-27efdb9e40dc&gdpr=&gdpr_consent=
43 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=8adb0862-3c65-4121-9ea1-27efdb9e40dc&gdpr=&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:26 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=8adb0862-3c65-4121-9ea1-27efdb9e40dc&gdpr=&gdpr_consent=
date
Thu, 04 Mar 2021 13:41:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=05f322030067dc7e5e9ea3fc&gdpr=0&gdprConsent=
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=05f322030067dc7e5e9ea3fc&gdpr=0&gdprConsent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:22 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=05f322030067dc7e5e9ea3fc&gdpr=0&gdprConsent=
Date
Thu, 04 Mar 2021 13:41:22 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=64&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D68%26partneruserid%3D%7BuserId%7D%26gdpr%3D%7Bgdpr%7D%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=68&partneruserid=no-consent&gdpr=1&gdpr_consent=&gdpr=0&gdpr_consent=
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=68&partneruserid=no-consent&gdpr=1&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=68&partneruserid=no-consent&gdpr=1&gdpr_consent=&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=950601676653127639&gdpr=0&gdpr_consent=
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=950601676653127639&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid
abefa6f7-b635-4f88-96e5-2fbadd228075
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=950601676653127639&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=6935793556483864722&gdpr=0&gdpr_consent=
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=6935793556483864722&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=6935793556483864722&gdpr=0&gdpr_consent=
Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://trc.taboola.com/sg/smartadserver-ssp-network/1/rtb-h?taboola_hm={USER_ID}&gdpr=0&gdpr_consent=
  • https://match.taboola.com/sg/smartadserver-ssp-network/1/rtb-h?taboola_hm={USER_ID}&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
43 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1614865279.473268,VS0,VE8
x-cache
MISS
location
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11582-HHN
us.php
gu.dyntrk.com/adx/sma/ Frame A31D 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fAgdYiCOV2xC&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fAgdYiCOV2xC&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fAgdYiCOV2xC&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-568ff9c7d-srcmc
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f40925f3-8bf1-42b1-ade6-7be56e6ad804&gdpr=0&gdpr_consent=
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f40925f3-8bf1-42b1-ade6-7be56e6ad804&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
Apache-Coyote/1.1
location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f40925f3-8bf1-42b1-ade6-7be56e6ad804&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
get_user_agent_id
cookie-matching.mediarithmics.com/v1/ Frame A31D 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.188.223 , France, ASN16276 (OVH, FR),
Reverse DNS
ip223.ip-51-77-188.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/ Frame A31D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
85 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YEDjhgAAAJKe1CrK
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:26 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
age
509
x-served-by
cache-hhn4068-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1614865286.276862,VS0,VE0
content-length
85
x-cache-hits
4026

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:26 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1614865286.162856,VS0,VE90
x-served-by
cache-hhn4068-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YEDjhgAAAJKe1CrK
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
0
5.gif
id5-sync.com/c/102/163/5/ Frame A31D
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEANRnKF3IfwBO2oUjvzmfu4&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=950601676653127639&opid=apx&ops=&utidl=tech:goo:CAESEANRnKF3IfwBO2oUjvzmfu4&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aW...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A11529517379&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F106%2F7%2F3.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/102/106/7/3.gif?puid=05f3220300cb0c0aebe937af&gdpr=1&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAE6L07AgccAAA-5rlqKhg
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F5%2F5.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/102/163/5/5.gif?puid=OWqa8W8g1LhOeb5&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/102/163/5/5.gif?puid=OWqa8W8g1LhOeb5&gdpr=1&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:23 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:23 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://id5-sync.com/c/102/163/5/5.gif?puid=OWqa8W8g1LhOeb5&gdpr=1&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:20 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=&gdpr=0
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:22 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=&gdpr=0
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
120
Content-Type
text/html; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=761ad86f49d72ea08ec134b92c5537c5
43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=761ad86f49d72ea08ec134b92c5537c5
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:21 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=761ad86f49d72ea08ec134b92c5537c5
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame A31D
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f3f49c8-a712-4092-99be-42f104cc5239&gdpr_consent=null&gdpr=0
43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f3f49c8-a712-4092-99be-42f104cc5239&gdpr_consent=null&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f3f49c8-a712-4092-99be-42f104cc5239&gdpr_consent=null&gdpr=0
date
Thu, 04 Mar 2021 13:41:20 GMT
server
_
content-length
0
sdr
cs.admanmedia.com/sync/ Frame A31D 		42 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/sdr
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.206.247 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
/
s.ad.smaato.net/c/ Frame A31D 		0
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-40.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:21 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
51ZfE87rqddIxMvrwb91kkUVciFzSKEDg-oCdlZelqInPaXZ4B0m3Q==
x-cache
LambdaGeneratedResponse from cloudfront
showad.js
ads.pubmatic.com/AdServer/js/ Frame 97C2 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156383:2; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0; KRTBCOOKIE_391=22924-5340075711674575271; KRTBCOOKIE_22=14911-7986630435418036215; KRTBCOOKIE_377=6810-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&22918-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&23031-5091babd-22b7-4e6a-8fe6-f9fdce64388d; KRTBCOOKIE_80=16514-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&22987-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&23025-CAESEN3rlNqHa-5tulouuaVjKxs; KRTBCOOKIE_57=22776-950601676653127639; KRTBCOOKIE_153=19420-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w&KRTB&22979-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w; PugT=1614865279; KRTBCOOKIE_107=1471-uid:OWqa8W8g1LhOeb5; KRTBCOOKIE_336=5844-6948537625980446964; KRTBCOOKIE_188=3189-no-consent
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=34110
Expires
Thu, 04 Mar 2021 23:09:49 GMT
Date
Thu, 04 Mar 2021 13:41:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame 1FDF 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pid=8213807083228411280; TestIfCookieP=ok; csync=76:GOOGLE_HOSTED_SI|127:AAE6L07AgccAAA-5rlqKhg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1613661331.105246"
Last-Modified
Thu, 18 Feb 2021 15:14:17 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Thu, 04 Mar 2021 13:41:19 GMT
Content-Length
445
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 412B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=950601676653127639
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 04 Mar 2021 13:41:26 GMT
Age
28245
X-Served-By
cache-lga21981-LGA, cache-fra19138-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 243250
X-Timer
S1614865286.442555,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5435 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://newsyou.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Mar 2021 13:41:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame FEA0 		634 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
47abb256d9e57f88b7ccbe4fe2641e685f10cac5ef151efcf02850fa012128bd

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newsyou.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; pd=v2|1614865278.1|kiiygevNgun0.j8mWfcsHqGgqsLiSommOnsgi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newsyou.info/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; Version=1; Expires=Fri, 04-Mar-2022 13:41:19 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614865278.1|kiiygevNgun0.j8gmmWtujofcsHqGgqmuvQsLiSommOsfnsgi; Version=1; Expires=Fri, 19-Mar-2021 13:41:19 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 04 Mar 2021 13:41:19 GMT
content-type
text/html
content-length
430
content-encoding
gzip
via
1.1 google
alt-svc
clear
dynamic_ddc.htm
presentation-ams1.turn.com/server/ Frame 95DB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Requested by
Host: ad.turn.com
URL: https://ad.turn.com/server/pixelssl.htm?fpid=33&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
9134ba105791a98db4232995f9269055b4b8e734581bdd58cff57c5521f1165f

Request headers

:method
GET
:authority
presentation-ams1.turn.com
:scheme
https
:path
/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.turn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=7986630435418036215
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad.turn.com/

Response headers

set-cookie
JSESSIONID=3F2BA9E5649EDDE3D43ECBFF63FE8E5F; Path=/; Secure; HttpOnly
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
vary
accept-encoding
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Mar 2021 13:41:18 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 000A 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=f8a9de04-302a-0a34-3017-19110d0680a1&gdpr=0&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sd
eu-u.openx.net/w/1.0/ Frame 000A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=950601676653127639
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=950601676653127639
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid
b2825b83-0f5f-428b-9eb7-3a04aa854edc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=950601676653127639
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
openx2-match.dotomi.com/match/bounce/ Frame 000A 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 000A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:18 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 000A 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=a7a1870c-f659-0f32-259b-211b2a60185d
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.187.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 000A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YEDjhgAAAHGf-CrK
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEDjhgAAAHGf-CrK&_test=YEDjhgAAAHGf-CrK
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEDjhgAAAHGf-CrK&_test=YEDjhgAAAHGf-CrK
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEDjhgAAAHGf-CrK&_test=YEDjhgAAAHGf-CrK
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:26 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEDjhgAAAHGf-CrK&_test=YEDjhgAAAHGf-CrK
date
Thu, 04 Mar 2021 13:41:26 GMT
via
1.1 google
server
OXGW/16.202.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 000A
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=Rlh2o3d2ezcMAbeqkDqbWak1&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
  • https://sync.crwdcntrl.net/map/ct=y/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b20981c76870438a6b1aceb8fe6ecd7e&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DRlh2o3d2ezcMAbeqkDqbWak1
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Rlh2o3d2ezcMAbeqkDqbWak1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Rlh2o3d2ezcMAbeqkDqbWak1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:27 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Rlh2o3d2ezcMAbeqkDqbWak1
date
Thu, 04 Mar 2021 13:41:27 GMT
server
openresty
content-length
146
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 1FDF 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9E) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:14:17 GMT
server
ECS (amb/6B9E)
age
80701
etag
"f720a7f2a8432d0f18de76239266413f:1613661329.433766"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 1FDF 		74 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA3) /
Resource Hash
c6519d6a796a5ef0daa0e7628812ffc354d25635216b7aaafda7cd58a958dc6f

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:13 GMT
server
ECS (amb/6BA3)
age
80332
etag
"76c4b2e4d7cfc32ed3d0fd0e8507a2b5:1613661331.820325"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
3527
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 1FDF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B77) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:14 GMT
server
ECS (amb/6B77)
age
80697
etag
"5c225f0da4164867a9eba01d527131e3:1613661330.299947"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
mime-version
1.0
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 1FDF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:15 GMT
server
ECS (amb/6B74)
age
80701
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1613661330.71025"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
usync.js
eus.rubiconproject.com/ Frame 5435 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1dcacffd5056e8521c39d12085fe6a73b310f80bd764e77e067ff15b49a715d3

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26234
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Thu, 04 Mar 2021 20:58:34 GMT
openx
tr.blismedia.com/v1/api/sync/ Frame FEA0 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:23 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame FEA0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b5f63581-bd42-8ea2-b78b-25ba43269087
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b5f63581-bd42-8ea2-b78b-25ba43269087&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b5f63581-bd42-8ea2-b78b-25ba43269087&dcc=t
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b5f63581-bd42-8ea2-b78b-25ba43269087&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FEA0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=4f82c45d-7cef-11eb-8830-270c3ff837ee
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=4f82c45d-7cef-11eb-8830-270c3ff837ee
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:23 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=4f82c45d-7cef-11eb-8830-270c3ff837ee
Date
Thu, 04 Mar 2021 13:41:23 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
4f82c45e-7cef-11eb-8830-270c3ff837ee
us.php
gu.dyntrk.com/adx/ox/ Frame FEA0 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sd
us-u.openx.net/w/1.0/ Frame FEA0
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=5819A7E1708643309C45C250B27B6D04
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5819A7E1708643309C45C250B27B6D04
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 04 Mar 2021 13:41:19 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5819A7E1708643309C45C250B27B6D04
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 03 Mar 2021 13:41:19 GMT
c.html
j.mrpdata.net/ Frame FEA0 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.45.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
dcm
s.amazon-adsystem.com/ Frame 408D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 408D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=70&gdpr=1&cm_user_id=YEDjf0x7ltHRTmXkMP0z0wAA&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.253.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-253-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 408D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEDjf0x7ltHRTmXkMP0z0wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMY55UwGHrGT4r3FTn1rgoA&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMY55UwGHrGT4r3FTn1rgoA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:19 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMY55UwGHrGT4r3FTn1rgoA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 408D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELR_YTnZZyqYrt4cDuIP1EM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELR_YTnZZyqYrt4cDuIP1EM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:19 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELR_YTnZZyqYrt4cDuIP1EM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 408D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OWqa8W8g1LhOeb5&gdpr=1
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OWqa8W8g1LhOeb5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:19 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:18 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OWqa8W8g1LhOeb5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 408D
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0&C=1
43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
266
Expires
Thu, 04 Mar 2021 13:41:26 GMT
crum
dsum-sec.casalemedia.com/ Frame 408D
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ae11ce7a-97b3-4e18-8323-d357495f6610
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ae11ce7a-97b3-4e18-8323-d357495f6610
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:26 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ae11ce7a-97b3-4e18-8323-d357495f6610
date
Thu, 04 Mar 2021 13:41:26 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 408D
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9ca02db7-7db5-491b-9fd4-05347ac08532
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9ca02db7-7db5-491b-9fd4-05347ac08532
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:22 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9ca02db7-7db5-491b-9fd4-05347ac08532
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 408D 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=33&partneruserid=YEDjf0x7ltHRTmXkMP0z0wAA%261134
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=5091babd-22b7-4e6a-8fe6-f9fdce64388d&gdpr=1&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=5091babd-22b7-4e6a-8fe6-f9fdce64388d&gdpr=1&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=5091babd-22b7-4e6a-8fe6-f9fdce64388d&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
299
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5340075711674575271&gdpr=0&gdpr_consent=
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5340075711674575271&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
nginx
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5340075711674575271&gdpr=0&gdpr_consent=
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=b96737f2-4eaf-4e10-a12d-0679be3f8075&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=3da06132-baad-48fa-bde4-34c1db14790a&gdpr=&gdpr_consent=
43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=3da06132-baad-48fa-bde4-34c1db14790a&gdpr=&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=3da06132-baad-48fa-bde4-34c1db14790a&gdpr=&gdpr_consent=
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=05f3220300cb0c0aebe937af&gdpr=0&gdprConsent=
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=05f3220300cb0c0aebe937af&gdpr=0&gdprConsent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:21 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=05f3220300cb0c0aebe937af&gdpr=0&gdprConsent=
Date
Thu, 04 Mar 2021 13:41:22 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=64&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D68%26partneruserid%3D%7BuserId%7D%26gdpr%3D%7Bgdpr%7D%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=68&partneruserid=no-consent&gdpr=1&gdpr_consent=&gdpr=0&gdpr_consent=
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=68&partneruserid=no-consent&gdpr=1&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=68&partneruserid=no-consent&gdpr=1&gdpr_consent=&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=950601676653127639&gdpr=0&gdpr_consent=
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=950601676653127639&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid
a06ba3c9-65a1-46e8-913f-268fec7df199
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=950601676653127639&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 5AA3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
43 B
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://csync.smartadserver.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pid=8213807083228411280; TestIfCookieP=ok; csync=22:5340075711674575271|31:3da06132-baad-48fa-bde4-34c1db14790a|76:GOOGLE_HOSTED_SI|80:fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh|124:6f3f49c8-a712-4092-99be-42f104cc5239|127:AAE6L07AgccAAA-5rlqKhg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://csync.smartadserver.com/

Response headers

date
Thu, 04 Mar 2021 13:41:21 GMT
content-type
image/gif
cache-control
no-cache,no-store
pragma
no-cache
transfer-encoding
chunked
set-cookie
csync=22:5340075711674575271|31:3da06132-baad-48fa-bde4-34c1db14790a|76:GOOGLE_HOSTED_SI|80:fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh|91:72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D|124:6f3f49c8-a712-4092-99be-42f104cc5239|127:AAE6L07AgccAAA-5rlqKhg; expires=Mon, 04 Apr 2022 13:41:22 GMT; domain=smartadserver.com; path=/; secure; samesite=none
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D&gdpr=0&gdpr_consent=
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Date
Thu, 04 Mar 2021 22:41:16 GMT
Content-Length
0
cm
eu-u.openx.net/w/1.0/ Frame D374 		802 B
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
07da941ed9c7567125f244c4d63aed0914318cb2758e3b319cd9bde1a08d435e

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smartadserver.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; pd=v2|1614865278.1|kiiygevNgun0.j8gmmWtujofcsHqGgqmuvQsLiSommOsfnsgi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://csync.smartadserver.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3e8c76a5-086f-0aaf-2d53-6fc54f32689a|1614865278; Version=1; Expires=Fri, 04-Mar-2022 13:41:19 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614865278.1|kiiygevNgun0.fogSj8w0gmmWvStujofcsHqGgqvtmuvQsLiSommOsfnsrFgi; Version=1; Expires=Fri, 19-Mar-2021 13:41:19 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 04 Mar 2021 13:41:19 GMT
content-type
text/html
content-length
477
content-encoding
gzip
via
1.1 google
alt-svc
clear
pixelssl.htm
ad.turn.com/server/ Frame 4C2D 		408 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.turn.com/server/pixelssl.htm?fpid=33&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
61d62cea4db8470d4d47e2517c3b0e04bfd57451cdfe1b314bb7ed9ee2855747

Request headers

:method
GET
:authority
ad.turn.com
:scheme
https
:path
/server/pixelssl.htm?fpid=33&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smartadserver.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=7986630435418036215
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://csync.smartadserver.com/

Response headers

set-cookie
JSESSIONID=916183ED8C3FDF934CF2BECDFEFA44A0; Path=/; Secure; HttpOnly uid=7986630435418036215; Domain=.turn.com; Expires=Tue, 31-Aug-2021 13:41:19 GMT; Path=/; Secure; SameSite=None
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
vary
accept-encoding
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Mar 2021 13:41:18 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 452F 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
553a2a5f76c7f3275bd4154d30f45fdadf4b8e5860d84d2ed22f4f26acc73326

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://csync.smartadserver.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YEDjf0x7ltHRTmXkMP0z0wAA; CMPS=3164; CMPRO=1134; CMRUM3=2f6040e37f05a0&986040e37f05a00&e66040e37f27600&2d6040e37f05a0&696040e37f05a0&c36040e37f05a00&f16040e37f05a00&276040e37f0b40; CMST=YEDjf2BA438A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://csync.smartadserver.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|206|39|64|188|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1523
Expires
Thu, 04 Mar 2021 13:41:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YEDjf0x7ltHRTmXkMP0z0wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Mar 2022 13:41:19 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 02 Jun 2021 13:41:19 GMT CMPRO=1134;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 02 Jun 2021 13:41:19 GMT CMRUM3=e66040e37f27600&2d6040e37f05a0&2f6040e37f05a0&986040e37f05a00&406040e37f05a0&826040e37fa8c0&be6040e37f05a0&496040e37f05a00&276040e37f0b40&ce6040e37f05a00&bc6040e37f05a00&696040e37f05a0&2e6040e37f05a0&c36040e37f05a00&f16040e37f05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Mar 2022 13:41:19 GMT
/
dsp.adfarm1.adition.com/cookie/ Frame 1FDF 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh
43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=fZDjki6T4Mdmw-TDKZX6lCnF4cdmxLaTesYjvVZh
pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://trc.taboola.com/sg/smartadserver-ssp-network/1/rtb-h?taboola_hm={USER_ID}&gdpr=0&gdpr_consent=
  • https://match.taboola.com/sg/smartadserver-ssp-network/1/rtb-h?taboola_hm={USER_ID}&tbid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe&query=taboola_hm%3D%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1614865280.681921,VS0,VE8
x-cache
MISS
location
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bd62e38-5436-408d-afb4-3b9cc442099a-tuct73a68fe
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11582-HHN
us.php
gu.dyntrk.com/adx/sma/ Frame 1FDF 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=3oJERq7jnUgl&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=3oJERq7jnUgl&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=3oJERq7jnUgl&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-568ff9c7d-srcmc
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f40925f3-8bf1-42b1-ade6-7be56e6ad804&gdpr=0&gdpr_consent=
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f40925f3-8bf1-42b1-ade6-7be56e6ad804&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
Apache-Coyote/1.1
location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=f40925f3-8bf1-42b1-ade6-7be56e6ad804&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
get_user_agent_id
cookie-matching.mediarithmics.com/v1/ Frame 1FDF 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.188.223 , France, ASN16276 (OVH, FR),
Reverse DNS
ip223.ip-51-77-188.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:22 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/ Frame 1FDF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
85 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YEDjhgAAAI-PplZV
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:26 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
age
509
x-served-by
cache-hhn4068-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1614865286.286456,VS0,VE0
content-length
85
x-cache-hits
4027

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:26 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1614865286.162827,VS0,VE92
x-served-by
cache-hhn4068-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YEDjhgAAAI-PplZV
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
0
155.gif
id5-sync.com/k/ Frame 1FDF
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEANRnKF3IfwBO2oUjvzmfu4&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=950601676653127639&opid=apx&ops=&utidl=tech:goo:CAESEANRnKF3IfwBO2oUjvzmfu4&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aW...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A11529271462&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/102/112/7/3.gif?puid=E15D486F422C5AAA&gdpr=1&gdpr_consent=
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F106%2F6%2F4.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/102/106/6/4.gif?puid=05f3220300cb0c0aebe937af&gdpr=1&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAE6L07AgccAAA-5rlqKhg
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAE6L07AgccAAA-5rlqKhg
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Date
Thu, 04 Mar 2021 13:41:23 GMT
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAE6L07AgccAAA-5rlqKhg
Date
Thu, 04 Mar 2021 13:41:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:27 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:27 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=&gdpr=0
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:21 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=&gdpr=0
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
120
Content-Type
text/html; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=2c4018bcf9091bdc25f9044a2065fd27
43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=2c4018bcf9091bdc25f9044a2065fd27
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:22 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=2c4018bcf9091bdc25f9044a2065fd27
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 1FDF
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f8c78646-6bae-4c82-8f66-80b332b7f1e2&gdpr_consent=null&gdpr=0
43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f8c78646-6bae-4c82-8f66-80b332b7f1e2&gdpr_consent=null&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=1743&dcid=4&iscname=false&cname=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=f8c78646-6bae-4c82-8f66-80b332b7f1e2&gdpr_consent=null&gdpr=0
date
Thu, 04 Mar 2021 13:41:20 GMT
server
_
content-length
0
sdr
cs.admanmedia.com/sync/ Frame 1FDF 		42 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/sdr
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.206.247 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
/
s.ad.smaato.net/c/ Frame 1FDF 		0
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ec-ns.sascdn.com
URL: https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-40.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:21 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
nX62J29JOCrw-KiAE8U5c45QhBBG5q4delYM7ltNC6ATC9nWDGWSPA==
x-cache
LambdaGeneratedResponse from cloudfront
rum
dsum-sec.casalemedia.com/ Frame 95DB 		43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7986630435418036215&gdpr=0&gdpr_consent=
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:19 GMT
4e2e7eb2-7cef-11eb-b5ec-fa0d99bcfabb
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/ Frame 95DB
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=684&partner_device_id=7986630435418036215&partner_url=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzI3MDg5NDgx%2Fmpuid%2F%24%7BTA_D...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=684&partner_device_id=7986630435418036215&partner_url=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzI3MDg5NDgx%2Fmpuid%2F%24%...
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/4e2e7eb2-7cef-11eb-b5ec-fa0d99bcfabb
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/4e2e7eb2-7cef-11eb-b5ec-fa0d99bcfabb
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

date
Thu, 04 Mar 2021 13:41:21 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/4e2e7eb2-7cef-11eb-b5ec-fa0d99bcfabb
alt-svc
clear
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 95DB 		43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=32&partneruserid=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tap.php
pixel.rubiconproject.com/ Frame 95DB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7986630435418036215&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
sync.gif
dmp.truoptik.com/8bf33fe57526aec8/ Frame 95DB
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=7986630435418036215
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=f40925f3-8bf1-42b1-ade6-7be56e6ad804&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701&gdpr=1&gd...
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=f40925f3-8bf1-42b1-ade6-7be56e6ad804&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701&gdpr=1&g...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1701
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/f40925f3-8bf1-42b1-ade6-7be56e6ad804/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F&gdpr=1&gdpr_consent=
  • https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=f40925f3-8bf1-42b1-ade6-7be56e6ad804&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx&gdpr=1&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=f40925f3-8bf1-42b1-ade6-7be56e6ad804&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx&gdpr=1&gdpr_consent=
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.91.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:21 GMT
server
Apache-Coyote/1.1
location
https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=f40925f3-8bf1-42b1-ade6-7be56e6ad804&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 95DB 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=7986630435418036215&partnerDomain=turn.com&idType=cookie
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.223.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:23 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Server
Apache-Coyote/1.1
X-Adswizz-request-id
4f892cb0-7cef-11eb-b3c8-026d9a873e7d
Instance-id
i-0178d82c8bf71efcf
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
put
e1.emxdgt.com/ Frame 95DB 		0
0
bd
r.turn.com/r/ Frame 95DB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=$UID
  • https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=950601676653127639
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=950601676653127639
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.75:80
AN-X-Request-Uuid
f18051f8-2998-4179-8b02-ab660c8f607e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=950601676653127639
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 95DB 		1 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:17 GMT
X-lat
Pug23043:0:293
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1
sync
amobee-partners.tremorhub.com/ Frame 95DB 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amobee-partners.tremorhub.com/sync?UITN=7986630435418036215&gdpr=0&gdpr_consent=
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame 95DB 		43 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7986630435418036215&redirectID=0
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:20 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1614865280792001-419
Expires
Thu, 04 Mar 2021 13:41:20 GMT
sync
ups.analytics.yahoo.com/ups/55939/ Frame 95DB
Redirect Chain
  • https://pixel.advertising.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel.advertising.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&verify=true
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&apid=UP4f8cd660-7cef-11eb-8040-0600b0610222
0
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&apid=UP4f8cd660-7cef-11eb-8040-0600b0610222
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:24 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&apid=UP4f8cd660-7cef-11eb-8040-0600b0610222
date
Thu, 04 Mar 2021 13:41:23 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 95DB
Redirect Chain
  • https://ce.lijit.com/merge?pid=1&3pid=7986630435418036215
  • https://ce.lijit.com/merge?pid=1&3pid=7986630435418036215&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=1&3pid=7986630435418036215&dnr=1
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=1&3pid=7986630435418036215&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 95DB 		43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=20&code=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:23 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.79:80
AN-X-Request-Uuid
7e8fcd06-b149-4186-947f-005803dbc1dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
u
dsp.v.fwmrm.net/ad/ Frame 95DB 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.v.fwmrm.net/ad/u?nw=511940&dpid=511940&token=da3a55995538502bd55fb9a637e11943&buid=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.57.158.51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
amsadvip2.fwmrm.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:20 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
partner
sync.search.spotxchange.com/ Frame 95DB
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=6481&img=1&uid=7986630435418036215
  • https://sync.search.spotxchange.com/partner?adv_id=6481&img=1&uid=7986630435418036215&__user_check__=1&sync_id=4da0096f-7cef-11eb-830f-1a3cf9d12506
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6481&img=1&uid=7986630435418036215&__user_check__=1&sync_id=4da0096f-7cef-11eb-830f-1a3cf9d12506
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:20 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
43
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 04 Mar 2021 13:41:20 GMT
Server
nginx
Location
/partner?adv_id=6481&img=1&uid=7986630435418036215&__user_check__=1&sync_id=4da0096f-7cef-11eb-830f-1a3cf9d12506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
55
Connection
keep-alive
Content-Length
0
sync
sync.alphonso.tv/ Frame 95DB
Redirect Chain
  • https://sync.alphonso.tv/sync?srcid=500&puid=7986630435418036215
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0qh8sjy&ttd_tpi=1
  • https://sync.alphonso.tv/sync?srcid=600&img=1&puid=5091babd-22b7-4e6a-8fe6-f9fdce64388d
95 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.alphonso.tv/sync?srcid=600&img=1&puid=5091babd-22b7-4e6a-8fe6-f9fdce64388d
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.129.168.238 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
104-129-168-238.static.as40244.net
Software
/ Express
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Last-Modified
Sat, 04 Apr 2020 07:46:35 GMT
X-Powered-By
Express
ETag
W/"5f-1714427dbcd"
Vary
Origin
Content-Type
image/png
Access-Control-Allow-Origin
*
cache-control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
95
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.alphonso.tv/sync?srcid=600&img=1&puid=5091babd-22b7-4e6a-8fe6-f9fdce64388d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
ps
tag.yieldoptimizer.com/ps/ Frame 95DB
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=7986630435418036215
  • https://tag.yieldoptimizer.com/ps/ps?tc=881833597&t=i&p=4889&turn_id=7986630435418036215
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/ps?tc=881833597&t=i&p=4889&turn_id=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/ps?tc=881833597&t=i&p=4889&turn_id=7986630435418036215
cache-control
no-cache
alt-svc
clear
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
dynamic_ddc.htm
presentation-ams1.turn.com/server/ Frame B94D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Requested by
Host: ad.turn.com
URL: https://ad.turn.com/server/pixelssl.htm?fpid=33&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
e793354b66452ca81b6d3d06db8d1826d85c18a13372a42bd4ef5068ebf0c678

Request headers

:method
GET
:authority
presentation-ams1.turn.com
:scheme
https
:path
/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.turn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=7986630435418036215; pxs=173954558%2318690%2C172291685%2318690%2C173614712%2318690%2C173302357%2318690%2C173954557%2318690%2C172291680%2318690%2C172291681%2318690%2C172291715%2318690%2C172291683%2318690%2C172291695%2318690%2C172291722%2318690%2C172291723%2318690%2C172291691%2318690%2C172291701%2318690%2C172291708%2318690%2C172291710%2318690%2C172291706%2318690%2C173954560%2318690
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad.turn.com/

Response headers

set-cookie
JSESSIONID=AD764E56BABCD6E87AD3C3F00DB41B0A; Path=/; Secure; HttpOnly
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
vary
accept-encoding
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Mar 2021 13:41:18 GMT
/
rtb-csync.smartadserver.com/redir/ Frame D374 		43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=f8a9de04-302a-0a34-3017-19110d0680a1&gdpr=0&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
7e16599e-da5d-0733-2768-fec58dad171b
sync.1rx.io/usersync/openx/ Frame D374 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/7e16599e-da5d-0733-2768-fec58dad171b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
sd
us-u.openx.net/w/1.0/ Frame D374
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=875739024737157406
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=875739024737157406
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:23 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=875739024737157406
Server
Jetty(9.0.6.v20130930)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
m
ad.yieldlab.net/ Frame D374
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=27dfbeb6-f175-0c5d-0712-862bd47b5a53
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=27dfbeb6-f175-0c5d-0712-862bd47b5a53
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:27 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Wed, 03 Mar 2021 13:41:27 GMT

Redirect headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=27dfbeb6-f175-0c5d-0712-862bd47b5a53
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
pixel.advertising.com/ups/55981/ Frame D374 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=1&uid=c3e4ca75-7982-0f11-24a2-6627bcb6af0e
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-153-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:23 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame D374
Redirect Chain
  • https://ce.lijit.com/merge?pid=76&3pid=81ce973c-4b5c-0f55-3039-118b53a46435
  • https://ce.lijit.com/merge?pid=76&3pid=81ce973c-4b5c-0f55-3039-118b53a46435&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=81ce973c-4b5c-0f55-3039-118b53a46435&dnr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=76&3pid=81ce973c-4b5c-0f55-3039-118b53a46435&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
um
sync.teads.tv/ Frame D374
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=585a13c1-4765-0e02-06f7-985122509b51
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=64&uid=585a13c1-4765-0e02-06f7-985122509b51
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:24 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 04 Mar 2021 13:41:24 GMT
server
akka-http/10.1.9
content-length
23
content-type
image/gif

Redirect headers

date
Thu, 04 Mar 2021 13:41:19 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=585a13c1-4765-0e02-06f7-985122509b51
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 452F 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 452F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 452F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE6L07AgccAAA-5rlqKhg&expiration=1616074884
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE6L07AgccAAA-5rlqKhg&expiration=1616074884
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:24 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE6L07AgccAAA-5rlqKhg&expiration=1616074884
Date
Thu, 04 Mar 2021 13:41:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 452F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 04 Mar 2021 13:41:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YEDjf0x7ltHRTmXkMP0z0wAABG4AAAIB
Connection
keep-alive
Content-Length
0
casale
match.adsrvr.org/track/cmf/ Frame 452F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YEDjf0x7ltHRTmXkMP0z0wAA&gdpr=1&cm_dsp_id=70
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.253.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-253-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 452F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1617457279
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1617457279
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Mar 2021 13:41:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1617457279
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieIndex
rtb.adentifi.com/ Frame 452F 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.51.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
getuid
ib.adnxs.com/ Frame 452F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame 452F 		43 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=33&partneruserid=YEDjf0x7ltHRTmXkMP0z0wAA%261134
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame B94D 		43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=32&partneruserid=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
ups.analytics.yahoo.com/ups/55939/ Frame B94D
Redirect Chain
  • https://pixel.advertising.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel.advertising.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&verify=true
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&apid=UP4f8cd660-7cef-11eb-8040-0600b0610222
0
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&apid=UP4f8cd660-7cef-11eb-8040-0600b0610222
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:24 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55939/sync?uid=7986630435418036215&_origin=1&gdpr=0&gdpr_consent=&us_privacy=&apid=UP4f8cd660-7cef-11eb-8040-0600b0610222
date
Thu, 04 Mar 2021 13:41:23 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
g.js
aa.agkn.com/adscores/ Frame B94D 		0
0
sd
us-u.openx.net/w/1.0/ Frame B94D 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
362388.gif
idsync.rlcdn.com/ Frame B94D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362388.gif?partner_uid=7986630435418036215&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B94D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk4NjYzMDQzNTQxODAzNjIxNQ==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEDc_h8x4SY7b1-H2Jm1ZTk4&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEDc_h8x4SY7b1-H2Jm1ZTk4&google_cver=1
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEDc_h8x4SY7b1-H2Jm1ZTk4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B94D 		0
0
turn_sync
x.dlx.addthis.com/e/ Frame B94D 		0
0
4499
tags.bluekai.com/site/ Frame B94D 		0
0
52164
i6.liadm.com/s/ Frame B94D
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=302&user_id=7986630435418036215&expires=7&gdpr=0&gdpr_consent=
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=3da06132-baad-48fa-bde4-34c1db14790a
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=3da06132-baad-48fa-bde4-34c1db14790a&_li_chk=true&previous_uuid=e92666804eeb4ed1b6abc263252384a7
  • https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=3da06132-baad-48fa-bde4-34c1db14790a
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=3da06132-baad-48fa-bde4-34c1db14790a
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4602:a911:dd8a:407b:f40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:27 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=3da06132-baad-48fa-bde4-34c1db14790a
Date
Thu, 04 Mar 2021 13:41:27 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
7986630435418036215
sync.1rx.io/usersync/turn/ Frame B94D 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/turn/7986630435418036215?dspret=1&redir=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:27 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
um
sync.teads.tv/ Frame B94D 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=11&uid=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 13:41:24 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 04 Mar 2021 13:41:24 GMT
server
akka-http/10.1.9
content-length
23
content-type
image/gif
cksync.php
contextual.media.net/ Frame B94D 		45 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=amb&ovsid=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 04 Mar 2021 13:41:19 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 04 Mar 2021 13:41:19 GMT
/
bpi.rtactivate.com/tag/ Frame B94D 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=16873&user_id=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.102.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 13:41:23 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
sync
sync.bfmio.com/ Frame B94D 		0
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=169&uid=7986630435418036215
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.82.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 04 Mar 2021 13:41:20 GMT
cksync.php
contextual.media.net/ Frame B94D 		45 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=amb&ovsid=${UUID}
Requested by
Host: presentation-ams1.turn.com
URL: https://presentation-ams1.turn.com/server/dynamic_ddc.htm?uid=7986630435418036215&btp=33&nu=n&sp=n&ctid=1&cyid=2&gdpr=0&gdpr_consent=&us_privacy=&ssl=y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://presentation-ams1.turn.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 04 Mar 2021 13:41:20 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 04 Mar 2021 13:41:20 GMT
async_usersync
ib.adnxs.com/ Frame CEFF 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:23 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid
47f1c261-09ba-45df-8d7e-cc478658acf3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D1CB 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 04 Mar 2021 13:41:22 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=newsyou.info&rs=newsyou.info&sid=90919&t=1614865274&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=359&he=202&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1614865274202-997738895741-000333-002-003630&cha=0.7&cb=36327129101&cd3=native&cd4=346316&cd1=desktop&cd6=11&cd5=48555bef-7cef-11eb-b15f-d094662f8ab5&cd2=0&d9=1000&AV_WIDTH=359&AV_HEIGHT=202
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.198.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 04 Mar 2021 13:41:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1F4A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1615680000%3A63%7C1616025600%3A165_78_71_99_21_161_81_222_220_54_8_176_13_3_204_56_22_55_88_189_5_7_166%7C1615420800%3A67_2_223_15%7C1616112000%3A35%7C1617408000%3A203; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0; KRTBCOOKIE_391=22924-5340075711674575271; KRTBCOOKIE_22=14911-7986630435418036215; KRTBCOOKIE_377=6810-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&22918-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&23031-5091babd-22b7-4e6a-8fe6-f9fdce64388d; KRTBCOOKIE_80=16514-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&22987-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&23025-CAESEN3rlNqHa-5tulouuaVjKxs; KRTBCOOKIE_57=22776-950601676653127639; KRTBCOOKIE_153=19420-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w&KRTB&22979-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w; KRTBCOOKIE_107=1471-uid:OWqa8W8g1LhOeb5; KRTBCOOKIE_336=5844-6948537625980446964; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_699=22727-AAE6L07AgccAAA-5rlqKhg; PugT=1614865277; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=34107
Expires
Thu, 04 Mar 2021 23:09:49 GMT
Date
Thu, 04 Mar 2021 13:41:22 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F4A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50899243&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
057e6d55abb03933b81d3247404d8d244a72a0d73b3c692ab24e6614a37bc67c

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:39:50 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1234
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 3014 		35 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50899243&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=5340075711674575271
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Mar 2021 13:41:22 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5340075711674575271; expires=Mon, 03 May 2021 13:41:22 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 5EA8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5819A7E1708643309C45C250B27B6D04
1 B
667 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5819A7E1708643309C45C250B27B6D04
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50899243&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0; KRTBCOOKIE_391=22924-5340075711674575271; KRTBCOOKIE_22=14911-7986630435418036215; KRTBCOOKIE_377=6810-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&22918-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&23031-5091babd-22b7-4e6a-8fe6-f9fdce64388d; KRTBCOOKIE_80=16514-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&22987-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&23025-CAESEN3rlNqHa-5tulouuaVjKxs; KRTBCOOKIE_57=22776-950601676653127639; KRTBCOOKIE_153=19420-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w&KRTB&22979-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w; KRTBCOOKIE_107=1471-uid:OWqa8W8g1LhOeb5; KRTBCOOKIE_336=5844-6948537625980446964; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_699=22727-AAE6L07AgccAAA-5rlqKhg; PugT=1614865277; SPugT=1614865282; pi=156383:4; chkChromeAb67Sec=2; DPSync3=1614902400%3A174%7C1616025600%3A201_227_226_221_219_197; SyncRTB3=1620000000%3A69%7C1616112000%3A35%7C1616025600%3A22_204_99_220_88_176_55_5_21_81_222_54_8_166_165_78_71_13_7_104_56_161_3_189%7C1615420800%3A15_223_67_2%7C1615680000%3A63%7C1617408000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 04 Mar 2021 13:41:21 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 13:41:21 GMT; path=/
X-lat
Pug23043:0:249
Content-Length
1
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
text/html; charset=utf-8

Redirect headers

server
nginx
date
Thu, 04 Mar 2021 13:41:22 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5819A7E1708643309C45C250B27B6D04
expires
Wed, 03 Mar 2021 13:41:22 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
spl.zeotap.com/ Frame 1F4A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D
  • https://spl.zeotap.com/?zdid=1332&zcluid=f903ddb3388508ab
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=f903ddb3388508ab
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
62ab85963b014aaa-FRA
date
Thu, 04 Mar 2021 13:41:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
089f11d1e400004aaaf6bc4000000001

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=f903ddb3388508ab
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 1F4A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b1b86040-e37e-4000-9b7f-849ded250fa0
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b1b86040-e37e-4000-9b7f-849ded250fa0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 04 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 04 Mar 2021 13:40:55 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b1b86040-e37e-4000-9b7f-849ded250fa0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Mar 2021 13:40:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1F4A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4f9191ba-7cef-11eb-9063-0107aa451d02&gdpr=0&gdpr_consent=
1 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4f9191ba-7cef-11eb-9063-0107aa451d02&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:23 GMT
X-lat
Pug23039:0:318
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4f9191ba-7cef-11eb-9063-0107aa451d02&gdpr=0&gdpr_consent=
Date
Thu, 04 Mar 2021 13:41:23 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
4f9191bb-7cef-11eb-9063-0107aa451d02
showad.js
ads.pubmatic.com/AdServer/js/ Frame 97C2 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=72B5224C-9D46-4BE7-9A37-3F5CD12C1E2D; PUBMDCID=3; KRTBCOOKIE_1101=23040-6935793556483864722; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-Rlh2o3d2ezcMAbeqkDqbWak1&KRTB&23212-Rlh2o3d2ezcMAbeqkDqbWak1; KRTBCOOKIE_27=16735-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&16736-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23019-uid:b1b86040-e37e-4000-9b7f-849ded250fa0&KRTB&23114-uid:b1b86040-e37e-4000-9b7f-849ded250fa0; KRTBCOOKIE_391=22924-5340075711674575271; KRTBCOOKIE_22=14911-7986630435418036215; KRTBCOOKIE_377=6810-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&22918-5091babd-22b7-4e6a-8fe6-f9fdce64388d&KRTB&23031-5091babd-22b7-4e6a-8fe6-f9fdce64388d; KRTBCOOKIE_80=16514-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&22987-CAESEN3rlNqHa-5tulouuaVjKxs&KRTB&23025-CAESEN3rlNqHa-5tulouuaVjKxs; KRTBCOOKIE_57=22776-950601676653127639; KRTBCOOKIE_153=19420-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w&KRTB&22979-J6YXcXSlFCQ89RAgc6MOd3PzFSQ88kJwIPCC_k0w; KRTBCOOKIE_107=1471-uid:OWqa8W8g1LhOeb5; KRTBCOOKIE_336=5844-6948537625980446964; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_699=22727-AAE6L07AgccAAA-5rlqKhg; PugT=1614865277; SPugT=1614865282; chkChromeAb67Sec=2; DPSync3=1614902400%3A174%7C1616025600%3A201_227_226_221_219_197; SyncRTB3=1620000000%3A69%7C1616112000%3A35%7C1616025600%3A22_204_99_220_88_176_55_5_21_81_222_54_8_166_165_78_71_13_7_104_56_161_3_189%7C1615420800%3A15_223_67_2%7C1615680000%3A63%7C1617408000%3A203; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=34107
Expires
Thu, 04 Mar 2021 23:09:49 GMT
Date
Thu, 04 Mar 2021 13:41:22 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 97C2 		47 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=7948460&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:41:34 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
47
Content-Type
text/html; charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 1F4A 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 04 Mar 2021 13:41:23 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
bounce
ib.adnxs.com/ Frame 633B
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid
7dd4f0b5-e3c6-4803-83b7-4c95f3701a84
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid
432ae802-287c-4aab-9be9-066977008e52
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 412B 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:26 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid
8fefc640-2a69-4743-8a55-62845d674bc9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 633B 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:27 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid
ad2f699d-640e-4d0c-a489-0df20c29abc4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 412B 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Mar 2021 13:41:27 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid
abf1fc35-31d3-42d0-89d9-5026fc42d56d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
Domain
e1.emxdgt.com
URL
https://e1.emxdgt.com/put?d=d15&uid=7986630435418036215
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.js?sid=9212291198&_puid=7986630435418036215
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7986630435418036215&dongle=d407
Domain
x.dlx.addthis.com
URL
https://x.dlx.addthis.com/e/turn_sync?na_exid=7986630435418036215
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/4499?id=7986630435418036215&BK_SWAP_DEST=4499

Verdicts & Comments Add Verdict or Comment

536 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| _m2161928346 function| $ function| jQuery function| ga string| ajaxUrlFlatPM boolean| duplicateFlatPM boolean| senseFlatPM object| adsbygoogle object| gnezdoAsyncCallbacks object| mtzBlocks object| head object| script object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| node5876 object| d object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| node7883 object| node6822 object| smiq object| jQuery1111046090296062528724 function| smiHTML13267 function| smiCSS13267 string| k number| j boolean| mgCanLoad896370 boolean| mgFallback896370 boolean| mgShortWidget896370 boolean| mgUseConvertedCode896370 string| mgRootId896370 object| div896370 string| rootDiv896370 string| mgPreloadId896370 object| _mgIntExchangeNews object| MarketGidInfC896370 function| MarketGidCContextBlock896370 function| MarketGidCMainBlock896370 function| MarketGidCAdvertLinkBlock896370 function| MarketGidCInternalExchangeBlock896370 function| MarketGidCColorBlock896370 function| MarketGidCUtilsBlock896370 function| MarketGidCMonitorBlock896370 function| MarketGidCRejectBlock896370 function| MarketGidCCriteoBlock896370 function| MarketGidCAmpRenderBlock896370 function| MarketGidCInternalExchangeLoggerBlock896370 function| MarketGidCObserverBlock896370 function| MarketGidCSspDoubleClickBlock896370 function| MarketGidCSendDimensionsBlock896370 function| MarketGidCHeaderBiddingBlock896370 function| MarketGidCAntifraudBlock896370 function| MarketGidCAntifraudStatisticsBlock896370 function| MarketGidCRtbBlock896370 function| MarketGidCActivateDelayBlock896370 function| MarketGidCAccidentalClicksBlock896370 function| MarketGidCExternalCountersBlock896370 function| MarketGidCYandexTurboBlock896370 function| MarketGidCContentPreviewBlock896370 function| MarketGidCCountersBlock896370 function| MarketGidCGradientBlock896370 function| MarketGidCResponsiveBlock896370 object| onClickExcludes function| mgReject896370 function| mgLoadAds896370_0e858 function| MarketGidCReject896370 function| MarketGidLoadGoods896370_0e858 function| AdskeeperCReject896370 function| AdskeeperLoadGoods896370_0e858 function| LentaInformCReject896370 function| LentaInformLoadGoods896370_0e858 function| IdealMediaCReject896370 function| IdealMediaLoadGoods896370_0e858 function| mgReject896371 function| mgLoadAds896371_0e858 function| MarketGidCReject896371 function| MarketGidLoadGoods896371_0e858 function| AdskeeperCReject896371 function| AdskeeperLoadGoods896371_0e858 function| LentaInformCReject896371 function| LentaInformLoadGoods896371_0e858 function| IdealMediaCReject896371 function| IdealMediaLoadGoods896371_0e858 boolean| mg_loaded_413933_896370 function| addJqueryshQND function| take_ban_teasershQND function| getUrlVarsshQND function| addJqueryETAlp function| take_ban_teaserETAlp function| getUrlVarsETAlp number| intervalIDshQND number| intervalIDETAlp string| _mgCanonicalUri boolean| _mgPageView413933 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| vpb object| FB function| addJqueryoHqbi function| take_ban_teaseroHqbi function| getUrlVarsoHqbi function| smiHTML13245 function| smiCSS13245 boolean| mgCanLoad860188 boolean| mgFallback860188 boolean| mgShortWidget860188 boolean| mgUseConvertedCode860188 string| mgRootId860188 object| div860188 string| rootDiv860188 string| mgPreloadId860188 object| MarketGidInfC860188 function| MarketGidCContextBlock860188 function| MarketGidCMainBlock860188 function| MarketGidCAdvertLinkBlock860188 function| MarketGidCInternalExchangeBlock860188 function| MarketGidCColorBlock860188 function| MarketGidCUtilsBlock860188 function| MarketGidCMonitorBlock860188 function| MarketGidCRejectBlock860188 function| MarketGidCCriteoBlock860188 function| MarketGidCAmpRenderBlock860188 function| MarketGidCInternalExchangeLoggerBlock860188 function| MarketGidCObserverBlock860188 function| MarketGidCSspDoubleClickBlock860188 function| MarketGidCSendDimensionsBlock860188 function| MarketGidCAntifraudBlock860188 function| MarketGidCAntifraudStatisticsBlock860188 function| MarketGidCRtbBlock860188 function| MarketGidCDiscountBlock860188 function| MarketGidCActivateDelayBlock860188 function| MarketGidCAccidentalClicksBlock860188 function| MarketGidCExternalCountersBlock860188 function| MarketGidCYandexTurboBlock860188 function| MarketGidCContentPreviewBlock860188 function| MarketGidCCountersBlock860188 function| MarketGidCGradientBlock860188 function| mgReject860188 function| mgLoadAds860188_12bd0 function| MarketGidCReject860188 function| MarketGidLoadGoods860188_12bd0 function| AdskeeperCReject860188 function| AdskeeperLoadGoods860188_12bd0 function| LentaInformCReject860188 function| LentaInformLoadGoods860188_12bd0 function| IdealMediaCReject860188 function| IdealMediaLoadGoods860188_12bd0 boolean| MarketGidCSvsdsFlag boolean| mg_loaded_413933_860188 boolean| mgCanLoad1024868 boolean| mgFallback1024868 boolean| mgShortWidget1024868 boolean| mgUseConvertedCode1024868 string| mgRootId1024868 object| div1024868 string| rootDiv1024868 string| mgPreloadId1024868 object| MarketGidInfC1024868 function| MarketGidCContextBlock1024868 function| MarketGidCMainBlock1024868 function| MarketGidCAdvertLinkBlock1024868 function| MarketGidCInternalExchangeBlock1024868 function| MarketGidCColorBlock1024868 function| MarketGidCUtilsBlock1024868 function| MarketGidCMonitorBlock1024868 function| MarketGidCRejectBlock1024868 function| MarketGidCCriteoBlock1024868 function| MarketGidCAmpRenderBlock1024868 function| MarketGidCInternalExchangeLoggerBlock1024868 function| MarketGidCObserverBlock1024868 function| MarketGidCSspDoubleClickBlock1024868 function| MarketGidCSendDimensionsBlock1024868 function| MarketGidCAntifraudBlock1024868 function| MarketGidCAntifraudStatisticsBlock1024868 function| MarketGidCRtbBlock1024868 function| MarketGidCActivateDelayBlock1024868 function| MarketGidCAccidentalClicksBlock1024868 function| MarketGidCExternalCountersBlock1024868 function| MarketGidCYandexTurboBlock1024868 function| MarketGidCContentPreviewBlock1024868 function| MarketGidCCountersBlock1024868 function| MarketGidCGradientBlock1024868 function| MarketGidCResponsiveBlock1024868 function| mgReject1024868 function| mgLoadAds1024868_0b514 function| MarketGidCReject1024868 function| MarketGidLoadGoods1024868_0b514 function| AdskeeperCReject1024868 function| AdskeeperLoadGoods1024868_0b514 function| LentaInformCReject1024868 function| LentaInformLoadGoods1024868_0b514 function| IdealMediaCReject1024868 function| IdealMediaLoadGoods1024868_0b514 boolean| mg_loaded_413933_1024868 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| smiHTML13248 function| smiCSS13248 number| intervalIDoHqbi string| rc_cache boolean| mgCanLoad346316 boolean| mgFallback346316 boolean| mgShortWidget346316 boolean| mgUseConvertedCode346316 string| mgRootId346316 object| div346316 string| rootDiv346316 string| mgPreloadId346316 object| MarketGidInfC346316 function| MarketGidCContextBlock346316 function| MarketGidCMainBlock346316 function| MarketGidCAdvertLinkBlock346316 function| MarketGidCInternalExchangeBlock346316 function| MarketGidCColorBlock346316 function| MarketGidCUtilsBlock346316 function| MarketGidCMonitorBlock346316 function| MarketGidCRejectBlock346316 function| MarketGidCCriteoBlock346316 function| MarketGidCAmpRenderBlock346316 function| MarketGidCInternalExchangeLoggerBlock346316 function| MarketGidCObserverBlock346316 function| MarketGidCSspDoubleClickBlock346316 function| MarketGidCSendDimensionsBlock346316 function| MarketGidCAntifraudBlock346316 function| MarketGidCAntifraudStatisticsBlock346316 function| MarketGidCRtbBlock346316 function| MarketGidCActivateDelayBlock346316 function| MarketGidCAccidentalClicksBlock346316 function| MarketGidCExternalCountersBlock346316 function| MarketGidCYandexTurboBlock346316 function| MarketGidCContentPreviewBlock346316 function| MarketGidCCountersBlock346316 function| MarketGidCGradientBlock346316 function| MarketGidCResponsiveBlock346316 function| mgReject346316 function| mgLoadAds346316 function| MarketGidCReject346316 function| MarketGidLoadGoods346316 function| AdskeeperCReject346316 function| AdskeeperLoadGoods346316 function| LentaInformCReject346316 function| LentaInformLoadGoods346316 function| IdealMediaCReject346316 function| IdealMediaLoadGoods346316 boolean| mg_loaded_324942_346316 function| addJquerypkhbz function| take_ban_teaserpkhbz function| getUrlVarspkhbz function| addJqueryzzTzo function| take_ban_teaserzzTzo function| getUrlVarszzTzo function| take_ban_teasernRpYB function| getUrlVarsnRpYB boolean| laScriptLoaded number| intervalIDpkhbz number| intervalIDzzTzo number| intervalIDnRpYB boolean| _mgPageView324942 object| gnezdo object| informer string| ban_teaser boolean| 100534161486527174223c2fc83fa0a25aad5e885902ca25af08 object| cintvls number| bannerNum function| setIframe object| loadedBanners function| setStyle string| scr object| div object| x number| len undefined| newScript function| getApuID object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID function| initRtb62985626750002744 object| result string| key string| apuid object| sessionData function| initRtb56203363208344450 object| regeneratorRuntime object| dmpProfitclicks function| initRtb86190749841982880 function| initRtb15256291082711892 function| LoadCriteoAllPlaces896370_0e858 boolean| i.js.loaded boolean| i-noref.js.loaded object| s function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| node7881 object| node7882 function| LoadCriteoAllPlaces860188_12bd0 function| LoadCriteoAllPlaces1024868_0b514 string| iS object| iD object| iP string| iR string| iT string| iH number| iI string| GoogleAnalyticsObject function| ym function| flatPM_arcticmodalLoad boolean| debugMode boolean| duplicateMode boolean| senseMode boolean| countMode function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_random object| flat_body object| flat_count boolean| flat_counter number| flat_iframe string| flat_sep object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear string| flat_dateMonth string| flat_dateDay number| flat_dateHours number| flat_dateMinutes boolean| flat_adbDetect object| flat_userVars function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_setHTML object| flat_pm_arr function| jQueryLoaded function| jQueryLoading function| randomInteger number| utarget_rand number| utarget_cookie object| utarget_script object| l_m764740953 object| jQuery112408070079862880581 function| _mgLib1_11_31 function| LoadCriteoAllPlaces346316 function| mgadSrcNoUi_0 function| addJquerymkiiz function| take_ban_teasermkiiz function| getUrlVarsmkiiz function| addJqueryGGcBq function| take_ban_teaserGGcBq function| getUrlVarsGGcBq boolean| 021084161486527228714378211d42907a8c843aa3d853aabc34 object| block string| text number| intervalIDmkiiz number| intervalIDGGcBq number| adsbidInit object| mtz object| realViews function| _typeof function| _createClass function| _classCallCheck object| web_script number| is_clck function| web_callback string| website function| are_cookies_enabled function| inIframe function| compareElementsWithParentsToSelectors function| compareElementsToSelectors function| Browser object| browser function| run object| Ya object| yaCounter44453875 object| _mgAdSrcNoUi object| _mgAdTrSrc object| banner6566_1614865272576329855 function| avPlayer object| banner2490_1614865272638928450 string| cookie_expires object| options object| system object| _parent object| banner_clases boolean| edge boolean| linux boolean| new_opera boolean| ua_ios_opera boolean| ua_ios_opera_mini object| main object| banner2489_1614865272701405036 object| banner2501_1614865272843839291 function| av_sciv_hndlr1614865273704 object| _mgwcapping boolean| _mgPageImp413933 object| storageAni object| br object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP number| cur_time boolean| wait_start number| _997726831838 object| _997726831831 object| cd string| dt object| parent_elem function| removeGooglePlaced number| _997726831832 string| user_agent boolean| mac boolean| windows boolean| ua_chrome boolean| ua_ya boolean| firefox boolean| ua_opera boolean| ie_11_edge boolean| opera_dev undefined| ie_8 boolean| ie_9 boolean| ios number| cou object| b0 object| b1 object| b2 boolean| class_selector boolean| match object| items number| count number| item_w number| item_h boolean| flag object| pos object| h_body object| h_doc object| new_post object| closure_lm_741524 object| closure_lm_368784 object| closure_lm_307574 object| closure_lm_724686 object| closure_lm_728828 object| closure_lm_894952 object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: ses15
Value:
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2VPC3dXYd20jyTC4TA8Crx+XHsrrMVSaWW/nyVAegOd3bRKmVWhAU/kD7l/kAx5UoK2yMHxwu6l7KpUjWTmmg0
.rubiconproject.com/ Name: khaos
Value: KLUX39KL-25-IYQH
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUH+v3fWCPuzNowDE/csJlhJKmtjCZRUZWfOQt1r4H5OWjnQNTJMdWE5/rLRx3CvDzGDGfGQhinACX7QkT5r1862G0J5h4qb83eS0hKp2q2CKcxOLX+JKS3aQLFbrrxlA==
.rubiconproject.com/ Name: vis15
Value: 270626^2
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

9 Console Messages

Source Level URL
Text
console-api log URL: https://newsyou.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://pwrlkyotm.com/pixels/match.js(Line 1)
Message:
aid не установлен
console-api debug URL: https://jsc.mgid.com/n/e/newsyou.info.896370.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/n/e/newsyou.info.860188.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/n/e/newsyou.info.687498.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://utarget.ru/ranging/00cb2399e4/js/?rand=9927&cookie=0(Line 1)
Message:
set cookie
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3211151503&pi=t.ma~as.6825749971&w=300&lmt=1614865271&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&dt=1614865271892&bpp=4&bdt=1200&idt=4&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1125&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=5Lt0fiCEjG&p=https%3A//newsyou.info&dtd=55
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=2219051773&adf=4012518774&pi=t.ma~as.3705784778&w=300&lmt=1614865272&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2Ffotograf-puteshestvuet-po-miru-i-delaet-snimki-semej-s-ix-zhivotnymi-foto&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&dt=1614865271267&bpp=1&bdt=575&idt=930&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd180bf9febf395e9-22fc8781f3a6007b%3AT%3D1614865271%3ART%3D1614865271%3AS%3DALNI_MbBD4SMqu0wpfcE5m7oYkGKZz88Gg&prev_fmts=0x0%2C1200x200%2C580x280%2C613x381%2C300x600%2C300x250&nras=1&correlator=2911950995705&frm=20&pv=1&ga_vid=629737997.1614865271&ga_sid=1614865272&ga_hid=1357063670&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=805&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736376%2C21066429&oid=3&pvsid=4296289433420388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=TLP7HIEZqq&p=https%3A//newsyou.info&dtd=933

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a6abf2073eefe788fd8f678a351018c.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
acint.net
ad.adriver.ru
ad.turn.com
ad.yieldlab.net
adpone-d.openx.net
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
adservice.google.nl
ag.innovid.com
amobee-partners.tremorhub.com
ams.creativecdn.com
an.yandex.ru
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
bpi.rtactivate.com
c.mgid.com
c1.adform.net
cdn.ampproject.org
cdn.contentspread.net
cdn.directadvert.ru
cdn.mgid.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.p.altergeo.ru
cms.quantserve.com
connect.facebook.net
contextual.media.net
cookie-matching.mediarithmics.com
counter.yadro.ru
creativecdn.com
cs.admanmedia.com
csync.loopme.me
csync.smartadserver.com
d.adroll.com
d.agkn.com
d.turn.com
d5p.de17a.com
data.24smi.net
dis.criteo.com
dkrbus.com
dm.hybrid.ai
dmg.digitaltarget.ru
dmp.truoptik.com
dmpprof.com
dsp-trk.eskimi.com
dsp.adfarm1.adition.com
dsp.v.fwmrm.net
dsum-sec.casalemedia.com
e.dlx.addthis.com
e1.emxdgt.com
eb2.3lift.com
ec-ns.sascdn.com
eu-u.openx.net
eus.rubiconproject.com
f948bd9696d8d612fa1fb46b776024a4.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fcgi4.gnezdo.ru
fcgi5.2xclick.ru
fcgi5.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
front.redllama.ru
ghb.adtcontent.com
ghb.adtelligent.com
go1.aniview.com
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
hal9000.redintelligence.net
hal900029.redintelligence.net
hb.adpone.com
hbopenbid.pubmatic.com
i.i.ua
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.servestatic.net
inv-nets.admixer.net
j.mrpdata.net
jsc.mgid.com
jsn.24smi.net
m.mixadvert.com
m.trafmag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.justpremium.com
match.prod.bidr.io
match.taboola.com
mc.yandex.ru
mhjcpn.com
mixadvert.com
mwzeom.zeotap.com
nep.advangelists.com
news.2xclick.ru
news.gnezdo.ru
newsyou-info.psh.one
newsyou.info
odr.mookie1.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
presentation-ams1.turn.com
prg.smartadserver.com
prodmp.ru
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
pwrlkyotm.com
px.adhigh.net
r.i.ua
r.scoota.co
r.turn.com
recreativ.ru
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.com.ru
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s3-eu-west-1.amazonaws.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssp-rtb.sape.ru
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1dmp.io
sync.1rx.io
sync.admanmedia.com
sync.adotmob.com
sync.alphonso.tv
sync.bfmio.com
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
synchroscript.deliveryengine.adswizz.com
t.trafmag.com
tag.yieldoptimizer.com
tags.bluekai.com
tags.mathtag.com
theroswaf.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track1.aniview.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
utarget.ru
video-native.mgid.com
visitor.fiftyt.com
visitor.omnitagjs.com
vyd5aaalwd.ru
www.acint.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
x01.aidata.io
ybej5ohp0x.ru
zn2.2xclick.ru
zn2.gnezdo.ru
aa.agkn.com
dsp.adfarm1.adition.com
e1.emxdgt.com
eb2.3lift.com
tags.bluekai.com
x.dlx.addthis.com
104.111.218.85
104.111.238.139
104.111.242.245
104.129.168.238
104.16.199.73
104.16.91.60
104.19.135.78
104.19.216.61
116.202.161.117
116.202.49.95
136.243.84.74
138.201.139.144
142.250.185.98
142.250.186.34
143.204.90.40
143.204.90.82
146.0.227.110
147.135.189.55
151.101.114.49
151.101.13.108
154.57.158.51
159.253.128.183
159.65.196.12
173.231.181.122
178.250.0.163
18.158.93.70
18.185.187.62
18.185.192.106
18.193.144.52
18.208.241.4
184.30.20.198
184.30.20.241
184.30.24.22
185.148.37.79
185.15.175.145
185.183.112.155
185.184.8.30
185.248.101.21
185.255.84.152
185.29.133.223
185.29.135.234
185.33.220.240
185.33.220.241
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.137.133
185.86.138.121
185.94.180.125
188.138.57.20
188.42.191.196
193.0.160.128
193.106.93.124
193.200.65.18
193.200.65.5
193.200.65.6
193.232.148.160
195.161.16.136
195.201.243.72
195.209.108.36
198.148.27.139
199.232.137.44
2.18.233.201
2.18.234.233
2001:678:cb4:bbbb::11
213.155.156.168
213.19.147.150
216.52.2.48
23.37.42.132
2600:1f18:444a:4602:a911:dd8a:407b:f40
2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37
2606:4700:10::6816:1957
2606:4700:10::6816:3785
2606:4700:20::ac43:49e4
2606:4700::6810:135e
2606:4700::6812:c05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2002
2a02:26f0:6c00::210:ba29
2a02:26f0:7100:184::2c79
2a02:6b8::1:119
2a02:6b8::90
2a02:fa8:8806:12::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:90c0:41:2801::254
2a05:d018:24:b001:d120:1359:acbb:2de6
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
2a0c:5c81:5142::2
3.123.45.2
3.126.56.137
3.220.82.225
3.232.11.255
3.81.198.99
31.220.27.134
34.120.139.69
34.120.207.148
34.192.210.97
34.252.253.152
34.96.105.8
34.98.107.212
34.98.67.61
35.156.153.71
35.186.212.60
35.186.253.211
35.201.96.126
35.227.248.159
35.244.159.8
37.157.3.29
37.18.16.21
46.228.164.11
46.228.164.13
51.178.20.139
51.210.112.236
51.77.188.223
51.83.217.75
51.89.20.86
52.17.96.80
52.212.223.152
52.214.70.9
52.218.108.147
52.28.108.245
52.30.76.93
52.35.2.64
52.4.51.239
52.48.248.240
52.50.99.220
52.57.230.211
52.95.116.38
54.175.102.177
54.197.138.233
54.239.17.112
54.82.140.85
54.84.103.220
62.76.25.28
64.202.112.191
66.155.71.150
68.232.35.16
69.173.144.140
69.173.144.165
77.243.60.138
82.192.82.4
83.222.114.187
85.114.159.118
85.192.12.170
85.192.12.173
85.192.12.174
87.98.228.78
88.212.201.198
88.214.205.108
88.214.206.247
88.99.149.88
88.99.219.174
89.108.120.68
91.198.36.16
91.198.36.78
93.95.100.117
93.95.102.105
93.95.99.151
94.23.153.171
95.163.155.38
95.217.193.26
95.217.92.172
00983f224dff6380e7ac091460c0a4efa3e1a98681e77586bbbdf44cec7be83a
00b500658fce1934621680442aeae5d4b21c0b3e1438242a0278a662dab6368e
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
02108d0f54580f8168a66842af241dab3d68dfe9e08baeb917e6bb79f3cc3636
02802963fc744cf9a4e963c1bde07455804d66cdbc99fe94d53e95c56f8e89a9
036f6d4f00f385ad400ce9655d9b0b93f61ed40882a2b42447d4a5f9635af0e9
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865
0547ef587072a824861a8b6a80596ab61a3675636560ae6b94b66a6786c4ab35
057e6d55abb03933b81d3247404d8d244a72a0d73b3c692ab24e6614a37bc67c
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f
06ab2d17163e3a098b6a244e87a1bf5e2e1feafaf93f832f82c68f390b47b955
06afeb3aed39f3b7f8cb0bcf90d0969d3992d3a89ea6541609ce6909b1b5edad
07da941ed9c7567125f244c4d63aed0914318cb2758e3b319cd9bde1a08d435e
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c74084710ab5ef598bb991211da28e7a3a7cd4233d00d68a7d3326f44b135be
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b
0eb3a4d9d2b77053b7e62f3a77ac9f22a883631d12be9dff16a8e37307c17c4c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1160dfaf455b749a38394ba516241c53d8c3f8101a6b8bd7a15b406381f738c0
126ad3f966eea855cb57af0e6e0ead57c82efcf8e6e9ccece877a238109293dd
126bac1a7b90ab24cd6d9476ad8c80994c7f21565a3111d5653bd0efdd6af726
127e107ec4653e38fbd1971b716b89c5f33d85ee1241521b86a36bc7b005cd6a
139e3708c90835225fe80a594957c569372f76dad997e12e4b690628e5c1a189
15a39cc2f5aab0c67900301640d1578b9850bca519b61e1fd7845d72ce220386
16ffd4ab4fe1a8905f9b656bc2eb23b06eca161a93bad15da7f0c711d0b1242e
17164a07b606e231f1b4784c15722cecef83d6b6397e8a8937383048c8d921d7
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2
1771634445a0ceda46cc911cf51d69ec834530c85593ade50642a7fd176c1d02
18529fb6200ff64b2aaa0fb0665f1a42a6521b13c3f26ea57ce54beb83d9a1bb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122
1c67f3108beaf91513a064704b0c3698e282e7d8c05202a32d395f58ced623d8
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dcacffd5056e8521c39d12085fe6a73b310f80bd764e77e067ff15b49a715d3
1dcc726eecce7fb39fa84cb07d5b5053994f165902c891a261f543a635c2f64b
1e453ae3bd1329b0e5153d04b55da60a5840eb71ecdf5500b6da034f26222843
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1f92ba4d2e6289c3462e3e35aac6b0e47bb927a2218f37bc77c98f621ae952e4
200a8bef77045b2d5b4243739312e84579bfddd817d18893d3b7055a47ec161d
20d51ca8a95a98eec59e048c3b15890839789c1c4d6653ddef883709e9fc8e8a
20f20f4971adfb7fe7d513a9bbcd657393af9615c4609312e3274975329af4aa
2101717946d50b94f801a8ef785023fc0417620fb948536076e16704df67804e
218b1133d4a4b53571d28251fcc26f8c6ec50175dfa6f391c146fd2afcefb836
21b59b32be0b425e6d7ed656f3ffd46bb73822f8929cdb945c63241101757086
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a
247e7139df888b6229896c7d5b89dc8268a6d538bfb10dd3b7a20b98fdc32c60
2543fda2babd5d0ae13f9c422e25731fcd431bcc15d89ae0cf81ddf81cf05b37
25983d53055e98ade7995e6bc5e5941d46f0358d9e482a21f671e6c9d58cbfc7
25df1e1ca534896bf6326ec4344a16e8902fdbc7d6265d106518f96308fe62e4
26e3ca7ea4955ef0f3add437f13b70cb0bff94ded5d99bb5933e80bf1ade44bb
26ef1899dd7f70f7919717168bbe9a0bb2d1bd1314e33cf5c7498c937be7937b
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
2860aec72f2ec742422cce67e19134ae576581a04c608857c6fbba6db0c66be1
28dbb07338d3da53dded0c412a60bc485bf9e4313cd660d147b6883fe1812ab2
290944700109e08bc6ffe9a4571ec1e1621d0e18172150a28b67e2c4f47486d5
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
2a71ffee46d2167bbcb4b4de1396783a6e792667f3c50a1c09952ffc08baed40
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
2bfd0314c1c21fe72f3c30f4654580d840d34c5c733dcf6fd91fd36e94044c68
2d32c91109e86ac380dad26ac316e4f5de5de5a3b678bc00572490178917bb35
2d868ebbd0d5c4f033c4b51b505f3fdf53822dadc9cbe7eddd14b15235bf8de2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
30e595f7c8ae2b2e71843478f601ba67d6d39554a110a09d688b63563dcdb20c
31151eb724c7fa7113078e63bcf9448da4e5769afdacc6c58771fb21e1ec7375
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c3fa6b85b800a4adf64056ab297376221f7683e4ea6d1571778345be600e7b
32d4666670243a82684d6ae313bf3a00ad38204df748990f9ebb300f7fce21c8
356edbf8c8b052a269b0b856a4bed2f670311c5e174a7b0e9b37f4ef9106cdb9
35eb752a28e1c8a5f58c50b67ec0dc7fcb761c3fd3cce4d44ec899185d2b8bc5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3772a41d7e6ba1d22c444cb68f28e1e42169870238470b22c2ce632d781a10ed
37c6390eeec44d84bfb59ee53886e34b454fcf25ed18d56235f5150180b8b95e
383e4d162d6a14db1d72e7d7c5dc1d3d4134641927e56eab33afd96e03008099
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
3912f2ac59b2b72727d623cb105f7f44dbe98b962b9f010347fcc12e1fe24678
398d50171a33f94cf62b5fa83b20ddbf697e3d1a385706ae32fec2c7b5c1a263
3aba15bc99e9d14033ad8c9c774652238f5d75bbab22981bb1cfd4428c6185e5
3bf2a2194d9e88ac05d94c907c89c36a9d065270f1dd3ad8258f6c752e37bc01
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d827b9e8ca09855c5a0bc2edc63a6cf3ad994102a8f4db8aff0af440728fea1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fee3f8ee1a742df48cdb8dab03e78e33cf3c5c5fc6939bc13173f9e2bbfdc8e
40f390182d679f944c9c4887a31e0b35fc128416be5a02574f06135b4c12fed8
411699f411079b5513ed4b81369aebaea0531d8c6666411e719ac31094006358
41f382a9d166f08f9b885ab3f8df32eeb62714466e071b84368368c3b96153a5
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
45c0168e6d5e223b47ec19097dd01fcc1ef8be8be262ff5c9801766071d75b2a
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
45ff43a5d97abbcace7bb5f8efe41486eafd9c8b3295891bc5b30d53e67de1c7
46f42c3bacdf581f8c4f782e77f341102bf127241ae4e724fc6f2066f9704b96
47abb256d9e57f88b7ccbe4fe2641e685f10cac5ef151efcf02850fa012128bd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a8efa9cea9810feddb8b462a0f57a0fe87b3caa2cf8a26da77c9493c1d7081a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2
4cfc3011013d4a14b4498f4c14541f831ff23a65fbeab46cb0b203d9153286f8
4d96c0437b9c4899aa89e369714e393905d50a548ca6544486eecdab46dd8146
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e49e4c76f093f33aed1008c4fd28c34cb0b407d30bf81f043dcdd7a503b184e
4e591865fbcb696016e24a45f756c814fcdf6a3c4baf62a1e005caabb43b2419
4e60debc691c3fbfd7c1af2cfa881fafd330fc174510bbff563ec5190de3986a
4e6f416ca04d68570f7c80724b93019116bc56ed41a8369bb9688acb749c43f0
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa7f6e6a1cd54b1a737a0d35b6f735f8958ed3b3297932d286066e703d95082
50c76d6daa447e6dbce93366c95f320be4a1280627fd2d00f7a677503c446477
51a6f3daaa46e9c39d58cbf5e3c528aa19a680f931fb7ae8f3504834f0089481
51c572509e1cb3991cf81229d987c51c72dde71655f1d6894bd28a2dda3c2884
51f9a30cd2c9154738d08001bd13be571efa67dcb91a2a94a458af3b712c0599
52928c2ab25ea721e1a0403f0b0ba93d09f51989fd9503e8a65cd13bb2fa033e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
553a2a5f76c7f3275bd4154d30f45fdadf4b8e5860d84d2ed22f4f26acc73326
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56bfc5b3df1af71fb0c32505e7e5e2c330a5d37bfe7b8f35201bb4817ae52866
56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
57776c1c89c500fb6a15dfe65582e6d9fdc6ef2acd9b837f1c33ece83c101d34
57c388103b9416016afc0b1f8f645f93b7f9afa03fc7e117e7d7ff783843d953
57ff098aa83f4725efe570f665a4282e266d50b35259de7308f987e1eab0547a
58bf12ce1dc9898449302ca8eb232f316d8c162382cfdf8260dda43021d6283c
5971c69a6dd6c49114f2eb9847cc9e8bdbb4ea9a5918b6a8580750a780bc9016
5a598ced72ebc59626d54581f85a15a1ee6a38d20774bf7da067963e9939469f
5aaa3ccb4f142b0781bd3d38ae89237df7d8371849e187a8a8ad21a665310f44
5ad749a129e808b621b31f7b9d5b5c0f435c14bf8b64a2452a13212a210fa90e
5b6af4f6add28b5c5ecbe48a7929479d22e120966c65a16915d7e797f418a598
5bc0c5742d193cd85613c9658da28cf257205d3bc1663d0ee0f982e3b0ec7e47
5d0480011b8f6b731af7cb95aa86cbfe7a64cea5078e2fc53d7f6dcc6202e020
5d082adcf7c6f2ba4883dd04bcda56cb6e86e053250cae79d5ff025e164738bb
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d8319c614db02ee0b5243a2de2c2f166cf5fdb3029fc38ca8fe43c65c9bc793
5dac0aec64185ca32551fe7ec9057573cc23cb9092bc6ec4019d05864ab26f96
5ed5cb32c4b81e92f5413c684e6e5bc5823463788cf7f0a041b7ef238fa4dc5b
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
60a04615ccebb6f0142305b01fe70bcb14b1bfc57945f1fb4d68453a412c86f1
61d62cea4db8470d4d47e2517c3b0e04bfd57451cdfe1b314bb7ed9ee2855747
6250339322f609be8ece4fe15c087e4b204b24123f1fa52cc86c4db6e92db692
63f537c8f74c24ebe5c3069ae23893ac3a590a5ce2cb13dbde174d24251d3b77
6490d2898ef82a7d142af8178481792700183d7d026790dc4546541bdc4a4189
651860a50c17c8fd1c3632d4b18fddcb8338d3605abd36802ad94ca367657190
6574ad06263cc8a5614647610e22d3701583c52abaa35d7bafd37131a57ffd5f
67ad9db3478df5db2238a5e07f122d309916055e2b14ab918864c3c55b2139a9
682ffe96d9ea2ce39f121fa5158b12f434eecd712d301db2f1747196f8972b1e
69302d6a87a3cfac95af75c6711f93a61fa5ee11c6fc5ed5dc85724b4d3b500e
69852b183588d73f358f456239e55a061334a16c2c501f067b2a8b23c6af8442
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527
6a74f127df042eb9437b5fcdaa3291a20c1781f129e5a6a5ee646eae24d4345d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aef7998f7d703339e40ad8a787390ef47f01abdd37eafeb5702d48ce2854846
6cb5b25571d26c28a1e22a0e29fbd413a11ea52a910c61d310fff81c57a7389b
6d205cacc7d17ec9bb53b634a2e7d4897afc7ee5b32c9e1c3f12b02a55bbfaba
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
6f0561883d4babf67262942ad27ab43554c73069dee691495971d4b4c14b2158
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
760ab9fb4e8499921ab275830d6d5b3c39380e94e7f8fdbdf77951d5eb43c099
761b309e550425464d627968eee8c2fc2e1b2268a7729ce004f75b75e196ad06
764e345c65ec0cfbdcc2b45be8dcab4fa65640161a95b50b4717f1c48d85ce16
770c6527ddfd45036db941da16f1cd0d78e301db5a59b5bf46b20e2c9d734bc2
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a871c50b9af46203eac3c10ec31a5a4379c952d9941902e3a281ad62dd0ac7e
7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7b2bd6b1647ff3cf2c25a20397af6d3319e619b613d795d58795fd59fbe7434d
7b3a9d3a8fc946cd069dba67e3faa2acc1e463ddbcebde7f362be442db430215
7c8193fdcafe6bb993c62d7740cda830c43b6429b0a49982c2c8644d1e7cf5af
7c92929d189373af6c5f6e0a75fecca4d7b0e354a673c7bbff7182ba3c16318c
7dd273fa5e1dd18e0362e35f68917c499abd326015b5d93b8e118e343159f939
7f70ebaf7ea9939bfa5120cd44f0f584011a01bdcb37c02d9aa368035d40c96e
7fa734a457dae6111e2e4b2568fe29e3d98a592da51ef2464d57a463b6d11beb
7fb13acbf7ed4cc271536d629db081f7dfceaa8c1859ff03109c761ee8c57549
80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f
8154eebab74a1f4c4fa7131871563ed80aaa1a18bf68013c2f7795966243507d
81d37e4f93694db42834afdbaa08c927e54eb142280021059d570e673a232d70
82a27787438fb42a1d78db250abc9f4ca19b78ae63f548626d0bfc65bc641a04
82e5409c796f8bcaeedde479472681829fb6f0684e967fe86292d0e40dfd2373
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd
862eade5609e764132fe19839ac2860fdbc208a24644aba3fd870a4f5fc24183
8663b9b1464e73c334830b36704685e98b1d8b769a3bc6fdf04e56a16e0e3971
86c140945f644d6bf42c732e7d10453596842012d5daa7f3c9b6cc0ba85be020
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
87d6a2a0d1cbf74eeda2042f80af8744101832c50e4dee734cf6324adc971dde
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a77481ad90690b4a8c98cdb517598ac3d6b892384ffddb50b9e822f2dd5a701
8adf636e0ef88f302f061352b3e48662e0020cf964628e757b1c2857ef7efbd5
8c1878e8a6f4f613c3fc937a26952ebabc6dd3fc1bbdc942dc8664c1638d2d07
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da489bfe3ba801f5e650f477a160e9a0bad62c872558d07573f4ca9e0e05e12
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9134ba105791a98db4232995f9269055b4b8e734581bdd58cff57c5521f1165f
913ce10a35e136f92279aea9808b36eeee521602464b6cf07b7832714c6617e6
9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a
922d5a209cca81e8a8cd9dc7f04c29fffc1617a286026bdc1a7ecb3976f9819f
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92d07b6cd9ea5bb430c873f33df1e58ea20fa484b2874d82b7022f22fa784e59
9315567f6c0c1d23d2cdcf7a257d1c60a3737fa9bb2047955b5515c05b6ecf7b
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
95458a6d94db6068ec45239984bc7b7585845aa43ce315a6aaf2b038a8f04476
9687c00072c5c0e774a3ffc7e82e1a615f043d56b2f9d3e9c8c6dfecfad3cc5f
96f92bb1fd9b43f3470e66604d3371aa24bb099eff812dbbd9cc35fe711ab2c3
97185bb4288fb07432ac7c76eff376ad4cafd7805cebea949a0254409742d470
97ead41ba525986a800ac82fa2aba17ee1954ef84a0331c5205b95265a156cdb
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
986a772ee04e4f4961353eb91270006a1729e645b028414d3b510eb632eaaf89
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c903c72fdb910d5eb782f4eca204d5a599d2314a8f708c18fbe462e945a5c9
99d7337345bb08bc4a79663eb807a537188ac6a5550e42ee5deff332ed1e79a9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45
9b9fbd710193207493bc35f6c83d5654b021ff7f3348f558e04116d015f5f307
9c375af459e0d4b9af66e51d4512c4fd178251bbc19e365c83dde15f9c815778
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9d42918c50455303066f1a56efd86f3b485b6deb9ea74061bab14721cd61fd53
9d9ed450563ad9c062655b391ffc6058dd26e951f6c58aba0be924d08fc6a1c8
9f6ecac171a8dcacd78a493a975b95a384a46b8211ffa753f7de2bb0ef64f6cf
9f7e11e366a5250613892939bdf8353c13f595254b4cc747c99006f6813b742a
a02680a8a95da2d91109f85ba53de1145cd4f317e98fca1b069cf9f25bb93599
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0715c77ed9d570516198fbe5ed0e32e6fb3a2bd12eedce7e21e6b99f5856829
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1bad1b99210bcbcf6d754b3e64a023a36a26a317e370d2a8474d0bdf6e11296
a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6
a299d903d139dc0ebba9c9ace11dfc1e4210bde4102cfff971a9c5c6c07d8199
a2fd3e8f2be4c50d80ddc86ed18a60bb8b961af80e8a0f5f357c48b3f523a45a
a40bdcc5a5de97c8b6f811db288da85fe47f71b8e97c9504bba299b914560621
a42ffefc5947d2f3a158d429b6d23ff56ac5e247abe2965e1ed5ff40537d9f9c
a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5351cc5fcd84ca5f24714cbc76e6b8f4fbf9a73fb9f7491bec0b523d073987e
a5c3718ccb9dc1b5dd17520320f53a9f20c8404302d21e81180f7c4d97b4a93f
a6fc66836fcf4fbeee91ae9a81927fecd5d4a10adb048c94ce2efab492656311
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a72385e583d9b723dbd22ba9f9113d2a932875f41db89004846d98c752db04f6
a810cf86ef28e3dcac166c8cfbf5d076b137d4bdec675a8d492fca529976eed9
a8878e89ab7ac431c06dc278dcb3d61905ab15e12d6c47ad7f3e511535c5d70b
a8d7fd2864e7666dc1b223d949cc5570bbedd8eb3cf15e6c9f231b77ef753e1b
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa6d3593be0bcd2048e99fefe61b616be8c948e3ed4b0afa077f4a4e24e89d31
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
aca5824bde2a5e0c59847ea95a15dbd317d3e08a6b4ac5bd08298765faff6409
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad90f960243beeea5c703298139b6a6efe60425bcbd045a71c69049322d2bc19
adb9fb96cf97c0a806d0ead19172181dfaad2ec337d22f5bf93896b6217db0a9
adeec1402fdb37cd3296f2696f0ea90929e3064a271880ff54730498e3fe131c
adf38216e8c1a7dbb2efc8bd198bbc8b28cb70b299fa3ce35f6b9fd55b3e072e
ae258f38fac53da90949b9374a1822af96d722f81fab5eeb8263974538a72c6d
aeadea2f11e61dd4067640af64af5dfde3cfdcc624d108baa0374a94677568a1
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b04ac68fd2339840f4dd5490673597775fa52f3ab7b2a81a4f780cacf253b30c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1773a3b3b92f77c2a4f075972566139c73ebc8f547c55929182c70ed60da096
b357031291532d150c46b043668f07f82f8074c01eddfbe886b90f8dd6755b31
b3cee94413ff3913261cb4a859fdb3eb69586a429aa2ba02ffaf73543667371c
b53cb7f18cd106fd3c2dcd6cbfac8df83c9b707995e2af2d159a0a4c7a95bbca
b632ccaa7fc94b205eee201683675ac47ada67da2de28c5e98a9541fc1ddc8dc
b661f6937b1215fee1a2217628729748102cc6d2037d1b2b5298a5b7e482852e
b697c788bfde9205437ef8437c39d6ab4d8e39dc03da6635024578327ac25266
b73f0852e7eb32050051aac3e294a26bc30fe3a52698f4900f075ec8c5bf513b
b7b7bd83f2673d019cf6005b2be4bec040d665f7c08331b4af8a69b38717edc8
b8c9221a038c12c40b0e638f7d43c5cb5ad37fabc27d5481f9a9c299ecda6345
b96e3463e657d1915ec693eaff27a79892ea150ce147b5bd781a2e9606e1ac5a
b9c93abdf5c5bbefafc8b698715213d51fe502637e6744ca94c43091945b48d9
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
bc5e26725e8a7c205fe3b116f280f29d902ad5bf945523fd6c2bfa49580ef74a
bf37f70cd205d5d7b963c3dc4678662d546ddb454000abdc0b35f8860a9177b3
bf736d65948cf097ada47ace72a27b669ec18074499eec6c8db193803d58cb33
bf8c7819538a0a83fc7ded19cde7d36dac6711283dc4280eddf54c1093a8f226
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c13520c75153171c7872fe2f52594ebde7a7f519b4566f7072471392d260c535
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c44588367b4e8a9c65210c0077285e3cdbc797fe4831cfbab4c8fb6e57f7cb46
c6519d6a796a5ef0daa0e7628812ffc354d25635216b7aaafda7cd58a958dc6f
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
c7a4e4fd1579ef5c984bc04b6ccd29b14b44af46e55c42455c907be565ee7f18
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
c8858c53fc655a7684dbed61472a811f0399d63e2ca955edfaac71141d4a6438
c8ee500079e41f1affe252e4086d17a67b1d762ec71a93bb902a77bb7f320c84
c9a21015e0be5f2f6a5bf2ec55b2840b57e6d86c5b921be41868b4d2f92f905d
ca2f6fe9ecfbc6d84adde59a9526183eca0d431d04ad180fa30b7e13c9f07dd2
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb2ceca31b227200f66a8c40c58623193dbb8dc5610ebfaed5920a0d9b323fdd
cca9d3770799508f227568e9bcc1cd0f49f0c6386eed0fb19cc670b0d2ac5e77
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
cd4a771a2c0677bbd2b9026f30c5df9e9133c3c4cce30e12635ee424912dc774
cd704d1b9d4a086adeb2118cf5d2484c2dc25e82fe9a1aeb99cb64872491eb4b
cd90c1ebcb1a32739ead6d02cbfbc1f9813a83a398f6d810b9410159bc3d3ab3
ce349208165750294703765b74bc2fc56f882d597695f76c27213b5b4adf06a5
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c247fa34bdf7b74a945515437e05c3162058575457b366bdd239bea640c412
d20908766d7943522022ee2e1cfb1a1d9c20ebc0908314776c08717615196797
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d513ab5ef10d27386b6005d572b4aa2588a6305138c90931b3784d60e414b7e1
d51ec12a9fe09e512ddea28fa358cc1bc5e4a87e98ce5800dd926fc472eea4c0
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d84c5723d952d3e73e24ae018797f3d4dfa6425447623cd8a06038d8f5acd33b
d987bf3ba07af41807bfd69b172778491bccf5ee73a06fceb57704ebfe2bc289
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
d994eb348a3c94fea13450dfda0e284ed651791d55b21175c8f90961475a7a26
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
db7f81715ded59dae908823eb3e055732aa245d8a2f10a6b9d9c025b11f58f76
dba8373b77d5f4fe9610ef894b1f473168b17582506353d3d88939277b271a82
dd50e8e0c0285c83f01efb99f2b245f5e654e710eb31606e22c3283896a196b1
dd97ac8e374ce2b8ab5148e00ff8036c31d21557bdc7d093f7dd0a3e9cd19a49
df213200600a90d992d7471401155c3e546a0e21a110a09a94405b7b64cfcdb1
e04f5ee1ae116af3a9a4ead0878281a693857ddcefe68b6d0ef3483ec29526f2
e0704b2cad70f201f73457b23f394b2e493df57955338d76414017394a45742c
e08033b820c3d22c09dc67f3e10abe8ed405675a18409a4aa63397e62df07c49
e0dda4dca6e977aadbd0c0916cacedc1d0328f8e87076d9caa2329bf88910911
e0f025a03b373e4f49c8c2b1a1f6675357b7e5535356ad439035a42d9adf9e76
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e2e0cb955651279a938ee17fc6a5a8fc63e065d131e93af1583bf114f6adaa23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d01632040a1f56d07668e002c86e48c24d992d293254c7d6d03bfb3cd184af
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e707d96cab4afa8bac669b03aa7d9edf876631c503fabe3da15e93dc840ac877
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
e793354b66452ca81b6d3d06db8d1826d85c18a13372a42bd4ef5068ebf0c678
e7b0721790d1d52f1227dfea71489ccdd711f9204e256812a3435e829dc92681
e88246a5e6e311fef6ba7f844ca8c7cfa97ae7fa419cdc2b353dcdc84068d4ee
e8d1606ef8ea600088ce8ca1b2405ec3e59dafa17e01e520e54bb768535634df
e9e54cbcdb882fb8432a482d5f22b1415f18277c4a704e80d5be50cdc261a5fc
eac9800fad6a1d56431378fa97839c9a207ca32301bdd106858da6d2fef9f057
eb7665cb23c8e60f134135531709066e420c5a972f605ae6b6ebfcfc9d812315
ec5f165087df17f3e42b3dd772feaa4cb90a47a130f0e6000a29aad4aadfb666
ece4db6870a909ccaf2a11fd413a6a6a099a78a5433a8331e4bea6f97251dd39
ede5b672d66ad80b501082e3ebf3d97a8ba9f13a1c3cfeba116c27fc4bb5820e
ee830c9e064d0423da0c83dabd0249b7f74885700a6fc58ed9f535591591c8db
ef0ec4c973888c72b60db22b13555433ff34f0f1424be80739634b146bea5076
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ab3010956dcee3eb0c79f481631611951189be27f159e9a5e82c912bcc10a8
f2d18686d2370cf49a73d1956911a68ed5b6dd7877a0f3777cbeb2ebee37a7d0
f2e6b883d964ae24ddac94788742ddb314d5510d00f61c8ac1752554fa111e45
f37800caa74d3d9cc272b5cb9ead64fd7977e3ccf64c5e8fb7d0015b518b61d8
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
f444f7011ceb3681141d2a61989035bcbd67d05461f549f92996733527d7ba92
f4cb1588a09fdb2c9c7fbb6cc26415d689f330ebbcbbae3c241ee91ac20348a2
f66b05fcd3c18a22f1cb94a9c90ad9caad4cb927fbf4025c50fd336bd319f037
f70b32586066cb18d63afaa7e162464f21a2cfa197f414a16cad9aecf58823a3
f71c5f813630cea61c331e6bd6b2234f0aa0ec3b04536e050896eab0952b63ed
f73aa933bf967c43fe99a3d10e2d0840500795231852f28d1b3e07ef1f03e06e
f813391fcbcf84ed666e7a36ae6aba399385319e6ada331a56f72f6b4d117131
f9c28eb4eda82acc5f9a65527fb6ba5a6192644e471411cd69da7d9e9585773e
fa0c40e8dc6476b7488ce93d88266c4ad269795b4a25209d0f02b9b707a4e28c
fa4e5eaff8030b336a414c7ceb3633873a63ed9963ca40cb40851e292c358684
fa6baeae3cb3f5723d40c311888b0da77590b8dc1353c5c7c6e944e7f6c346ac
fa9d698fb375c2176f65e8e1a2338f711edb4a167407dca5ebff455911b89699
fb6d86692cd6763ea425040ea01f9db1af7d9afc3831d9d7befce4cd766a67b3
fbec66b49e7f4d4ea2810e1cf8f8f8faae1a2262d3bc51ea62fa7768270b4903
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9
fde80630b6bf66a9930de6a23105d3bad7c79735df329767db1a31a4f29a09c6
fe3b9ec903128a4464bdabd33a33265476786fb1b7e8558908754e69c18c5dd1
fe4120db213ce0688f6d36fc06d193697cb6682410f9b2d48f0ce7b02d848b78
fe89d0326efdca12bdf55bc4a69526766ea525d443d3733d9eb37a39e80ca6da
feb9084b15077bef34f89531e897347ac121c82a56bd68df1e72ce11747ebabc
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
feed1dc827da303dc25acf61238a1a127ca164394ff702b651c4d3487803bdf8
ffd790027e18ab64c431cfb4b75b12cc7bcb9531ac83cfffb1c69b04aba7ba24
ffdb9a030a364449c2722f23f188dbad675de602529cef38f1529d51e82ba7ab