urlscan.io logo urlscan.io
SecurityTrails logo

newsyou.info Open in urlscan Pro
185.248.101.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Effective URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Submission: On December 23 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 11 countries across 88 domains to perform 545 HTTP transactions. The main IP is 185.248.101.21, located in Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is newsyou.info.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 23rd 2021. Valid for: a year.
This is the only time newsyou.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 185.248.101.21 44812 (IPSERVER-...)
10 2a00:1450:400... 15169 (GOOGLE)
2 85.192.12.169 12695 (DINET-AS)
31 62.76.25.28 61400 (NETRACK-AS)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 165.22.198.175 14061 (DIGITALOC...)
5 93.95.100.117 48347 (MTW-AS)
6 26 104.19.132.78 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 79.171.117.17 64494 (VARITI-AS)
41 146.59.12.236 16276 (OVH)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 85.192.12.174 12695 (DINET-AS)
6 2a03:2880:f22... 32934 (FACEBOOK)
6 80.211.42.243 31034 (ARUBA-ASN)
8 147.135.189.55 16276 (OVH)
1 2 88.212.201.216 39134 (UNITEDNET)
1 1 91.198.36.16 43405 (DIGITAL-V...)
1 91.198.36.78 43405 (DIGITAL-V...)
3 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 208722 (YNDX)
1 27 2a00:1450:400... 15169 (GOOGLE)
2 193.200.65.18 6681 (GIVEME-CLOUD)
8 82.192.82.4 60781 (LEASEWEB-...)
3 185.187.81.40 43332 (IDSTRATEG...)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 193.106.95.134 48614 (ITSOFT-AS)
2 143.204.209.32 16509 (AMAZON-02)
3 2a03:2880:f21... 32934 (FACEBOOK)
1 2a03:2880:f21... 32934 (FACEBOOK)
8 185.148.37.79 48347 (MTW-AS)
13 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 193.200.65.5 6681 (GIVEME-CLOUD)
2 4 31.220.27.134 39572 (ADVANCEDH...)
2 136.243.84.74 24940 (HETZNER-AS)
2 34.120.139.69 15169 (GOOGLE)
1 3 193.232.150.44 48061 (UMA-TECH-AS)
6 37.18.16.22 205675 (HYBRID-AS)
5 217.65.2.150 29076 (CITYTELEC...)
7 7 46.4.114.109 24940 (HETZNER-AS)
2 2 157.90.179.214 24940 (HETZNER-AS)
2 2 195.201.243.71 24940 (HETZNER-AS)
6 6 96.46.186.57 7979 (SERVERS-COM)
4 4 144.76.118.233 24940 (HETZNER-AS)
18 2a00:1450:400... 15169 (GOOGLE)
3 178.250.2.135 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
3 145.239.108.234 16276 (OVH)
1 77.123.132.42 35680 (VOLIA)
1 94.23.153.171 16276 (OVH)
4 2600:1901:0:7... 15169 (GOOGLE)
48 2606:4700:20:... 13335 (CLOUDFLAR...)
3 6 2a00:1450:400... 15169 (GOOGLE)
2 178.250.0.160 44788 (ASN-CRITE...)
2 2a02:2638::2 44788 (ASN-CRITE...)
9 185.148.37.26 48347 (MTW-AS)
4 5 2620:116:800d... 16509 (AMAZON-02)
2 2 54.171.63.239 16509 (AMAZON-02)
4 32 142.250.185.130 15169 (GOOGLE)
5 5 52.29.77.212 16509 (AMAZON-02)
4 35.186.253.211 15169 (GOOGLE)
6 6 198.47.127.19 62713 (AS-PUBMATIC)
5 6 69.173.144.165 26667 (RUBICONPR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 35.244.174.68 15169 (GOOGLE)
5 34.98.67.61 15169 (GOOGLE)
3 6 217.182.200.20 16276 (OVH)
3 77.123.132.26 35680 (VOLIA)
1 4 89.108.119.28 197695 (AS-REG)
4 93.95.102.105 48347 (MTW-AS)
2 2 195.209.108.39 52007 (ADRIVER-AS)
2 2 104.111.215.191 16625 (AKAMAI-AS)
5 85.192.12.173 12695 (DINET-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
8 8 84.200.5.215 31400 (ACCELERAT...)
2 2 78.46.85.162 24940 (HETZNER-AS)
2 82.113.101.132 6805 (TDDE-ASN1)
2 2 88.99.63.132 24940 (HETZNER-AS)
2 82.113.101.236 6805 (TDDE-ASN1)
2 2 142.250.184.230 15169 (GOOGLE)
1 2 104.111.239.217 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
8 46.236.13.147 12703 (PULSANT-AS)
1 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 35.187.117.15 15169 (GOOGLE)
4 143.204.209.81 16509 (AMAZON-02)
5 62.76.25.4 61400 (NETRACK-AS)
8 104.19.136.78 13335 (CLOUDFLAR...)
1 2a0c:5c81:513... 55081 (24SHELLS)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 23.79.143.124 16625 (AKAMAI-AS)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 34.254.166.91 16509 (AMAZON-02)
3 4 18.185.142.87 16509 (AMAZON-02)
1 104.16.221.74 13335 (CLOUDFLAR...)
2 2 15.197.193.217 16509 (AMAZON-02)
2 2 35.212.212.222 15169 (GOOGLE)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.139.94 201081 (SMARTADSE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.19.217.61 13335 (CLOUDFLAR...)
1 216.52.2.19 29791 (VOXEL-DOT...)
1 69.173.144.139 26667 (RUBICONPR...)
1 8.39.36.142 26667 (RUBICONPR...)
8 34.242.207.34 16509 (AMAZON-02)
545 90
37    185.248.101.21 (Russian Federation)

ASN44812 (IPSERVER-RU-NET Fiord, RU)
newsyou.info
10    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    85.192.12.169 (Russian Federation)

ASN12695 (DINET-AS, RU)
vcmjf535tx.ru
31    62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
ocmurc.com
8    2606:4700:10::6816:294a (United States)

ASN13335 (CLOUDFLARENET, US)
jsn.24smi.net
1    165.22.198.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
calculator.codes
5    93.95.100.117 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
news.2xclick.ru
news.gnezdo.ru
26    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cm.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)
ppvesdfiojol.com
41    146.59.12.236 (France)

ASN16276 (OVH, FR)
PTR: vps-984bd72a.vps.ovh.net
a4p.adpartner.pro
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)
pxksnymto.ru
6    2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
6    80.211.42.243 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host243-42-211-80.serverdedicati.aruba.it
telegram.im
8    147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
2    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru
counter.yadro.ru
1    91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua
r.i.ua
1    91.198.36.78 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: sh02.mi6.kiev.ua
i.i.ua
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
27    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    193.200.65.18 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: utarget.pro
utarget.ru
8    82.192.82.4 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: lw2070.ua-hosting.company
data.24smi.net
3    185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
loadercdn.net
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    193.106.95.134 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
2    143.204.209.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-32.fra53.r.cloudfront.net
openfpcdn.io
3    2a03:2880:f21c:80c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-1.cdninstagram.com
1    2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-2.cdninstagram.com
8    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi5.gnezdo.ru
13    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
20    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
4    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
recreativ.ru
2    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
3    193.232.150.44 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: sender.premier.one
px.adhigh.net
6    37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
5    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
7    46.4.114.109 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info
www.acint.net
2    157.90.179.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1407632.sapientru.net
ssp-rtb.sape.ru
2    195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info
acint.net
6    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    144.76.118.233 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.233.118.76.144.clients.your-server.de
exchange.buzzoola.com
18    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
3    145.239.108.234 (France)

ASN16276 (OVH, FR)
PTR: d5.mix.storage.badvps.com
i.mixadvert.com
1    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
1    94.23.153.171 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: d5.mix.site.badvps.com
mixadvert.com
4    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
48    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
6    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
9    185.148.37.26 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
zn3.2xclick.ru
5    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
2    54.171.63.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-63-239.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
32    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
5    52.29.77.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-77-212.eu-central-1.compute.amazonaws.com
d.agkn.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
6    217.182.200.20 (France)

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl
googlecm.hit.gemius.pl
3    77.123.132.26 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
img.adpartner.pro
4    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
4    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
2    195.209.108.39 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
5    85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)
dmpprof.com
dprof.site
1    2606:4700:20::ac43:4679 (United States)

ASN13335 (CLOUDFLARENET, US)
img.servestatic.net
8    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
8    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
2    82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
2    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.blau.de
2    82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
2    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
8    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
1    35.187.117.15 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 15.117.187.35.bc.googleusercontent.com
neso.r.niwepa.com
4    143.204.209.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-81.fra53.r.cloudfront.net
analytics.webgains.io
5    62.76.25.4 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
PTR: mail2.mascotte.ru
guepslka.com
8    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    34.254.166.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-166-91.eu-west-1.compute.amazonaws.com
ad.360yield.com
4    18.185.142.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
8    34.242.207.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
60 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
133 KB
56 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
2 MB
45 adpartner.pro
a4p.adpartner.pro
file.adpartner.pro
img.adpartner.pro
220 KB
37 newsyou.info
newsyou.info
2 MB
34 mgid.com
jsc.mgid.com
cm.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
433 KB
31 ocmurc.com
ocmurc.com
607 KB
30 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
322 KB
18 gstatic.com
fonts.gstatic.com
243 KB
16 gnezdo.ru
fcgi5.gnezdo.ru
news.gnezdo.ru
fcgi4.gnezdo.ru
30 KB
16 24smi.net
jsn.24smi.net
data.24smi.net
50 KB
13 googleapis.com
fonts.googleapis.com
9 KB
12 webgains.io
analytics.webgains.io
api.webgains.io
205 KB
12 mixadvert.com
m.mixadvert.com
i.mixadvert.com
mixadvert.com
203 KB
11 rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-west.rubiconproject.com
14 KB
10 2xclick.ru
news.2xclick.ru
zn3.2xclick.ru
260 KB
9 acint.net
www.acint.net
acint.net
3 KB
8 webgains.com
track.webgains.com
103 KB
8 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
17 KB
8 google.com
adservice.google.com
www.google.com
716 B
8 ppvesdfiojol.com
ppvesdfiojol.com
108 KB
7 googletagservices.com
www.googletagservices.com
256 KB
6 gemius.pl
googlecm.hit.gemius.pl
1 KB
6 pubmatic.com
image6.pubmatic.com
3 KB
6 criteo.com
cat.nl.eu.criteo.com
rtb.nl.eu.criteo.com
cat.fr.eu.criteo.com
rtb.fr.eu.criteo.com
1 KB
6 betweendigital.com
ads.betweendigital.com
4 KB
6 hybrid.ai
dm.hybrid.ai
1 KB
6 telegram.im
telegram.im
21 KB
6 instagram.com
www.instagram.com
196 KB
5 guepslka.com
guepslka.com
147 KB
5 mookie1.com
odr.mookie1.com
748 B
5 agkn.com
d.agkn.com
4 KB
5 quantserve.com
cms.quantserve.com
pixel.quantserve.com
2 KB
5 new-programmatic.com
match.new-programmatic.com
1 KB
5 yandex.com
mc.yandex.com
2 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 blau.de
partner.blau.de
portal.blau.de
4 KB
4 o2online.de
partner.o2online.de
portal.o2online.de
4 KB
4 lead-alliance.net
www.lead-alliance.net
3 KB
4 telefonica-partner.de
www.telefonica-partner.de
1 KB
4 aidata.io
x01.aidata.io
2 KB
4 rlcdn.com
id.rlcdn.com
1 KB
4 openx.net
rtb.openx.net
542 B
4 buzzoola.com
exchange.buzzoola.com
760 B
4 uuidksinc.net
s.uuidksinc.net
913 B
4 cdninstagram.com
scontent-frt3-1.cdninstagram.com
scontent-frt3-2.cdninstagram.com
96 KB
3 dmpprof.com
dmpprof.com
2 KB
3 criteo.net
pix.eu.criteo.net
539 KB
3 adhigh.net
px.adhigh.net
1 KB
3 google-analytics.com
www.google-analytics.com
40 KB
2 e-volution.ai
sync.e-volution.ai
918 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
755 B
2 adsrvr.org
match.adsrvr.org
904 B
2 360yield.com
ad.360yield.com
613 B
2 creativecdn.com
creativecdn.com
687 B
2 dprof.site
dprof.site
1 KB
2 awin1.com
www.awin1.com
1 KB
2 addthis.com
e.dlx.addthis.com
1 KB
2 adriver.ru
ad.adriver.ru
1 KB
2 everesttech.net
pixel.everesttech.net
806 B
2 sape.ru
ssp-rtb.sape.ru
1 KB
2 eskimi.com
dsp-trk.eskimi.com
324 B
2 recreativ.ru
recreativ.ru
218 B
2 trafmag.com
t.trafmag.com
702 B
2 openfpcdn.io
openfpcdn.io
846 B
2 prodmp.ru
prodmp.ru
357 B
2 google.de
adservice.google.de
914 B
2 zmctrack.net
s.zmctrack.net
24 KB
2 utarget.ru
utarget.ru
49 KB
2 yandex.ru
mc.yandex.ru
66 KB
2 i.ua
r.i.ua
i.i.ua
2 KB
2 yadro.ru
counter.yadro.ru
1 KB
2 pxksnymto.ru
pxksnymto.ru
96 KB
2 facebook.net
connect.facebook.net
84 KB
2 cloudflare.com
cdnjs.cloudflare.com
35 KB
2 vcmjf535tx.ru
vcmjf535tx.ru
61 KB
1 lijit.com
ce.lijit.com
348 B
1 lentainform.com
cm.lentainform.com
495 B
1 zeotap.com
mwzeom.zeotap.com
453 B
1 smartadserver.com
ssbsync.smartadserver.com
347 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
880 B
1 niwepa.com
neso.r.niwepa.com
464 B
1 adcell.com
t.adcell.com
480 B
1 congstar.de
banner.congstar.de
517 B
1 servestatic.net
img.servestatic.net
12 KB
1 loadercdn.net
loadercdn.net
169 B
1 googleadservices.com
partner.googleadservices.com
647 B
1 calculator.codes
calculator.codes
20 KB
545 88
Domain Requested by
41 a4p.adpartner.pro newsyou.info
a4p.adpartner.pro
37 newsyou.info newsyou.info
pagead2.googlesyndication.com
32 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
newsyou.info
31 ocmurc.com newsyou.info
ocmurc.com
26 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
newsyou.info
24 assets.ad4m.at as.ad4m.at
20 tpc.googlesyndication.com googleads.g.doubleclick.net
18 fonts.gstatic.com fonts.googleapis.com
16 ad4m.at as.ad4m.at
ad4m.at
16 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
13 cm.mgid.com 6 redirects jsc.mgid.com
newsyou.info
13 fonts.googleapis.com googleads.g.doubleclick.net
newsyou.info
client
vcmjf535tx.ru
10 pagead2.googlesyndication.com newsyou.info
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 zn3.2xclick.ru newsyou.info
news.2xclick.ru
8 api.webgains.io analytics.webgains.io
8 s-img.mgid.com newsyou.info
8 track.webgains.com as.ad4m.at
track.webgains.com
8 fcgi5.gnezdo.ru news.2xclick.ru
newsyou.info
8 data.24smi.net jsn.24smi.net
8 m.mixadvert.com newsyou.info
m.mixadvert.com
8 ppvesdfiojol.com newsyou.info
ppvesdfiojol.com
8 jsn.24smi.net newsyou.info
jsn.24smi.net
7 www.acint.net 7 redirects
7 www.googletagservices.com googleads.g.doubleclick.net
7 jsc.mgid.com newsyou.info
jsc.mgid.com
6 googlecm.hit.gemius.pl 3 redirects googleads.g.doubleclick.net
6 pixel.rubiconproject.com 5 redirects newsyou.info
6 image6.pubmatic.com 6 redirects
6 www.google.com 3 redirects googleads.g.doubleclick.net
6 ads.betweendigital.com 6 redirects
6 dm.hybrid.ai newsyou.info
6 telegram.im newsyou.info
telegram.im
6 www.instagram.com newsyou.info
www.instagram.com
5 guepslka.com newsyou.info
5 odr.mookie1.com googleads.g.doubleclick.net
5 d.agkn.com 5 redirects
5 match.new-programmatic.com newsyou.info
5 mc.yandex.com 2 redirects newsyou.info
mc.yandex.ru
4 x.bidswitch.net 3 redirects newsyou.info
4 analytics.webgains.io track.webgains.com
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 fcgi4.gnezdo.ru newsyou.info
4 x01.aidata.io 1 redirects newsyou.info
4 id.rlcdn.com 2 redirects googleads.g.doubleclick.net
4 static-de.ad4mat.net as.ad4m.at
4 rtb.openx.net googleads.g.doubleclick.net
4 cms.quantserve.com 3 redirects googleads.g.doubleclick.net
4 news.gnezdo.ru newsyou.info
news.2xclick.ru
4 prod-rtb.ad4mat.net newsyou.info
googleads.g.doubleclick.net
4 exchange.buzzoola.com 4 redirects
4 s.uuidksinc.net 2 redirects newsyou.info
3 servicer.mgid.com jsc.mgid.com
3 dmpprof.com pxksnymto.ru
3 img.adpartner.pro newsyou.info
3 i.mixadvert.com newsyou.info
3 pix.eu.criteo.net googleads.g.doubleclick.net
3 px.adhigh.net 1 redirects newsyou.info
3 scontent-frt3-1.cdninstagram.com www.instagram.com
3 www.google-analytics.com newsyou.info
www.google-analytics.com
a4p.adpartner.pro
2 sync.e-volution.ai 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 match.adsrvr.org 2 redirects
2 ad.360yield.com 2 redirects
2 creativecdn.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 dprof.site pxksnymto.ru
2 cdn.mgid.com newsyou.info
2 www.awin1.com 1 redirects as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 portal.blau.de as.ad4m.at
2 partner.blau.de 2 redirects
2 portal.o2online.de as.ad4m.at
2 partner.o2online.de 2 redirects
2 e.dlx.addthis.com 2 redirects
2 ad.adriver.ru 2 redirects
2 pixel.everesttech.net 2 redirects
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
2 cat.fr.eu.criteo.com googleads.g.doubleclick.net
2 acint.net 2 redirects
2 ssp-rtb.sape.ru 2 redirects
2 dsp-trk.eskimi.com newsyou.info
2 recreativ.ru newsyou.info
2 t.trafmag.com newsyou.info
2 openfpcdn.io pxksnymto.ru
2 prodmp.ru pxksnymto.ru
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 s.zmctrack.net newsyou.info
2 utarget.ru newsyou.info
utarget.ru
2 mc.yandex.ru 1 redirects newsyou.info
2 counter.yadro.ru 1 redirects newsyou.info
2 pxksnymto.ru vcmjf535tx.ru
ppvesdfiojol.com
2 connect.facebook.net newsyou.info
connect.facebook.net
2 cdnjs.cloudflare.com newsyou.info
2 vcmjf535tx.ru newsyou.info
vcmjf535tx.ru
1 pixel-us-west.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 ce.lijit.com newsyou.info
1 cm.lentainform.com newsyou.info
1 mwzeom.zeotap.com newsyou.info
1 ssbsync.smartadserver.com 1 redirects
1 cm.idealmedia.io newsyou.info
1 pixel.quantserve.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 s.adtelligent.com cm.mgid.com
1 c.mgid.com jsc.mgid.com
1 neso.r.niwepa.com as.ad4m.at
1 t.adcell.com as.ad4m.at
1 banner.congstar.de as.ad4m.at
1 img.servestatic.net newsyou.info
1 mixadvert.com newsyou.info
1 file.adpartner.pro newsyou.info
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 cat.nl.eu.criteo.com googleads.g.doubleclick.net
1 scontent-frt3-2.cdninstagram.com www.instagram.com
1 loadercdn.net newsyou.info
1 partner.googleadservices.com pagead2.googlesyndication.com
1 i.i.ua newsyou.info
1 r.i.ua 1 redirects
1 news.2xclick.ru newsyou.info
1 calculator.codes newsyou.info
0 sync.adtelligent.com Failed s.adtelligent.com
545 123
Subject Issuer Validity Valid
newsyou.info
AlphaSSL CA - SHA256 - G2		 2021-02-23 -
2022-03-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpizy1uy3x.ru
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
ocmurc.com
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-13 -
2022-10-12		 a year crt.sh
calculator.codes
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
news.2xclick.ru
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
ppvesdfiojol.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
adpartner.pro
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-02 -
2021-12-31		 3 months crt.sh
pwrlkyotm.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-10-02 -
2021-12-31		 3 months crt.sh
telegram.im
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
m.mixadvert.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.utarget.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-06-09 -
2022-07-07		 a year crt.sh
*.24smi.net
AlphaSSL CA - SHA256 - G2		 2021-01-02 -
2022-02-03		 a year crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-21 -
2022-04-25		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
loadercdn.net
R3		 2021-11-26 -
2022-02-24		 3 months crt.sh
prodmp.ru
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
openfpcdn.io
Amazon		 2021-11-11 -
2022-12-10		 a year crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-10-02 -
2021-12-31		 3 months crt.sh
fcgi5.gnezdo.ru
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
uuidksinc.net
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-12 -
2022-05-13		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
new-programmatic.com
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
i.mixadvert.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
mixadvert.com
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
news.gnezdo.ru
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
zn3.2xclick.ru
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ltmse.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
dmpprof.com
R3		 2021-11-23 -
2022-02-21		 3 months crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2020-02-25 -
2022-02-25		 2 years crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
adcell.com
Certum Domain Validation CA SHA2		 2021-09-20 -
2022-09-20		 a year crt.sh
*.r.niwepa.com
AlphaSSL CA - SHA256 - G2		 2021-03-15 -
2022-04-16		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
guepslka.com
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-03 -
2022-03-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh

This page contains 59 frames:

Primary Page: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Frame ID: DEF9D1724262F8E97C596F9B51FED817
Requests: 255 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5325C890B99ADE85F6544660ABC26B8E
Requests: 1 HTTP requests in this frame

Frame: https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Frame ID: C32A5CC7E1C559AFCD878318AF488681
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 0BA5D48A7E00DF3AC27C7C436FD8FDC3
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: C0CD992DC29631B1B1C8064B45C14AF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=3025194257&lmt=1640280689&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689405&bpp=2&bdt=564&idt=133&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3890625747124&frm=20&pv=2&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146
Frame ID: FD4782033BD6EE08B005B68C7FE4D500
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689460588615&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Frame ID: C569C1F93F4A10BC8A706A20192B7179
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=fdb6e022-4399-450d-8743-19e061e3265a&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Frame ID: 6EDF2CA6EBC4378C6B827B6D009A0731
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=300&screen_width=1600&reload_count=0&banner_num=1640280689461669814&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Frame ID: 3D09E5BA1691A8CF77E0BF7CAE6997C4
Requests: 2 HTTP requests in this frame

Frame: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Frame ID: F1675F6DEB0C95A5CAD6C1B7FF297DF8
Requests: 24 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689461993707&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Frame ID: 7E47527BE781FB8AD471C750564C1109
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Frame ID: 3D2CEE875C7F4088596E7A125E7F4310
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Frame ID: 1CC08C24ED4E4DD975F755B43CC3CA4E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Frame ID: F5D75E46C4FA2F20EA1B28954B3A4771
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Frame ID: 3C687D04397B623E433A5094834FF6CB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Frame ID: C4665F39C4D8B2885A5B0C2B22249E62
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Frame ID: 874E8B7FC3ECEFA8772A37376B8EE017
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 3FEF33C2E740561C329FC94483A82C72
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Frame ID: C46B8F495D594061129E3C01AC8969BB
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297875%2C%22cost%22%3A0.000731996%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22a2f363f9-ec65-4997-b856-7a59cc20409e%22%7D%2C%7B%22ad_id%22%3A2004555%2C%22cost%22%3A0.000173399%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%220b51889a-9009-469c-b4b9-3a34b7032f40%22%7D%5D%2C%22unit_id%22%3A7883%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%22%7D
Frame ID: 7B3A2FD4B99A5D3F3B1271D2E2B61DCC
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228010c3b7-9b10-491c-ae14-073066f0dd3f%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2279d56577-7eb4-42a8-a9de-9bce99cc1595%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22309e3cbb-8fe1-4b2b-af6c-69b7ab67badb%22%7D%2C%7B%22ad_id%22%3A1714798%2C%22cost%22%3A0.000399628%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225d0de1c0-1c54-47a2-a9e8-9979ed665834%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%22%7D
Frame ID: 47B006BAF6BAD2D73F0F3F075659CB3E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fdb6e022-4399-450d-8743-19e061e3265a%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%2522%257D
Frame ID: 64A6C920399353572B7D49B9564577EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D80E0F0E4A9B4985ECDC29CF2D0B22E
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000157179%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22dc9d343b-9764-40ce-8d28-829f92bb9842%22%7D%2C%7B%22ad_id%22%3A2297870%2C%22cost%22%3A0.000109135%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c3891e2a-1a92-4d25-97da-5ca4965c541d%22%7D%2C%7B%22ad_id%22%3A2287865%2C%22cost%22%3A0.0000614353%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22529a7062-ec57-47f2-bfb3-61d0c71eac72%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%22%7D
Frame ID: 711429518A080C6F23A779A0675329C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9te3crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIACT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30ALHx8kttYBIdOyT6ODywtNQFQ05OmqSsql-Nws3dxLqE4KqPjWAAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=CnRl5gnHgRQ&uach_m=[UACH]&cid=CAQSPACNIrLM8imCvzZoX3uiHtdJXzEUyB9BuYA2DQRjX-Xtdb11JW2lKRANGCU1JIE3AMBFFODzHOFJdLTnwxgB
Frame ID: 06F76345E115E8A9ECCA570BFAF671A8
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g864nr26ng2exer8cpbbqn1w21b3q6qpbbzxta4rgsfxgpf3h08mzmfweyhzsqyh490xkvs8dfes7v63ep1h7bm3qdzcykgkge2zpe6qxh8tg0a8qkg6zapdkrtb1r5jb9fgr2z0z6y4pxs0zjmtk29gmqw1tmb460xa2tby2h9yh9cz1r3d041xc72xby5e69tyefyf4bsqyzegmx06kjkmhdkwbv22x60ahrghzxg5h1fpayqckc7x5wq8rbse7fa57y3n08g0yy7grgpjc92gnmfssmnfama7tncwkygx35wt55195zyn66j2ft3x6s33tmnkzgk0zrn6n78bxd6nd6nf9ckhv8prmc1cdfs1p8m6wh06q92fh183vg54g92q8nek6xttg6d3x1x411pgf5d5h4y949pcxk41jes88hnrph24&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: CC3B766D6CF7DA43654AE951FD3B0F22
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63D415F1192BB76BC01E0A58014B53A6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BFA920B33CDE3335360DCBA75268A0F9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8300016E61779F28F1AD52F7D6A577B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E16DA8BD3126F80B7C8DC48166253F20
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 278980A0A1D73D8D1A497071078EA095
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gfn9k76kd74fcykvbrjww87mqr9y8pm103p1dpmwh341pcvpg18f9nax10c7t7kt2bygf84dv8r6wdp38wvygzeybdp486pxj5tw5pjfc36ys67a584bzm4bde9706b8agtpn1agwwsjq0st6a676srqzm4wd68a37x5dsrz1fsg6mfm9c0wfkpswd19gj21s0j30c2xw1k1acsd5z0w83wgj6hvrx7249mj331qh7w6h4zbcymk7dcsbmkt5p81f14jx96qcb05539qd1jtdh1bxqsbzjmd8r7ffnnw6b4d0zwrcskx84zr5m9tasbs1hwx9yrmrgdjhfx3zzfneatmdhmtx7emdf0sfjnk54hbjpej1n9fjjbs6079xhw5p3jav8sfpapjr74ae5nskq0xxchgfhjjgq8p598qfht2pw3vg9hp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 9920105E7E70F6CF4135C9A7F121AA88
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DB5AD68EB5F3F660737633C57DC4695E
Requests: 9 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: EA836E97455BE60A2CF0FE16FC24009B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CQoO1crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoE_wFP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnICp9rP6ccAVCNLq_Tz9DEUnnJ9jTLzKPZsH69oZIzocvu8TcH-feABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=vM6kVCqzhrc&uach_m=[UACH]&cid=CAQSPACNIrLMeDncffdz0CBsmPphfB7j6-W7hxG37K2W00kjP1ePhlaPaKEH4WI5WagDdfBymhxuuHOfWl92ExgB
Frame ID: AD1FD767B015953400B3A1B56F279209
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hq5fbn8nm71atxkd8ks3k0n9wcv1q2meryyftnc8n59mgbvjb2dq3a0vs8zf2h408ngh9r9rvrpe5wq1a3033bgvbgay9ws3jf4ty8cw37z68phjsa7t34fg05t4vcsbmw62gwv0s229n333x28m912ch0wqx13xjb6egvqctg1mzjwh1ezmgavwkv3ys193gg8ejx3z285hb3fkx2n57jsv5k6en0s914gjcr6jerh5nqzqgz67fcd77fhcdcksvjsjnc4d9kdcy74ftzmj21xrz9vyy9bsjg5m5pzzzd2wvv8da0h2qcc5wtxbj51jpj0we4k0ab3sbp3dmrj6aa85zc9rm97184a9587mrdqtd6bwc2dxfbpb9bbx1c4ddzth8q1emm1dd88fgjzmd6zy1z3ezdc00tn9srk2s0reyzt154yw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: F6E7462F3F62AF8299C5493FE9493E94
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DCCE9D2D702FC6BF26DD9E9D7BDB3D19
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g2d19edekd8pddx46nhmbfwr29ptcq41b51gwqjn855xy3sywxcpvfznvhkzhv7w4gnh1a12qtz2t0x23ae37qzpajz6pprvpap3prfcs3pqhv4ttm3y06v4vyg3pms9g4kv56mjcqrh0ptpfvwb0kc7vbw1tey9eyk92gf5qp2p37zd20a4xrf7v2vjtj0v04vmrh70ekg6s6snhrwtmqahfbdx1sq965ttv9r9610zzwf9c6zqk8a24zakae9eac6bbkr2bw0pevj5cwsg4m1f9dq5fnpj4gd31a3ersgyjzs6v7hrbvyd32tmzgat4qp6dvnavz1b1ra2tm5c6k34y8jqa2k5mjdy8d6fqj4txa1mqqmk3597fw06taa3a4dvtd4ewn03007swt0zjze3pjvzd271syw0che90v2t82xhgz4y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: A2ED85089EEDEE507A8C3331217CC7F6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80DF32CB5A57D557BC0B847AB8EB3482
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: CE172AF2910BF810E3425F87D188C215
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c5c4b842-6cac-4d72-84bf-f168a1375ae6%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2225406d70-d341-4023-9358-0b7d5cd42c4a%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22782c3d48-43cc-415e-8b1a-797a115a52af%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 2EE9E14183225B8C9FB5241949AB52F0
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c5c4b842-6cac-4d72-84bf-f168a1375ae6%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2225406d70-d341-4023-9358-0b7d5cd42c4a%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22782c3d48-43cc-415e-8b1a-797a115a52af%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 62FD7E3825AA11BECB5393CD30443678
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 2D095B74AC24668F5C61C6A2433272CA
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2EDF462C5131493FA4844D71CD0ECD71
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F2894856231163538E638F3F14C0F42A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A6D99D20C639B237109DB0C94EC46A83
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: AF26EEB541B9A30B08822D945C51FBFE
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 809C11650FD1FF677C752DC828B8F65C
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: 10940B381FD43973ADF0C7C3EE99029F
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: A3463F1BA3AE98F59697400A4B087446
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: C2388330E8489E4F33EA5A0F3A0DA122
Requests: 14 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: A80056688D3EDB81D7082FB17FE0FD0C
Requests: 3 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1640280692043831999796
Frame ID: DCA1D7A3C197BBEC7326C36D265480BE
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 77F042401D5FA8E5C774573C69C84479
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Frame ID: 0884A2583B5C1A29552B695EB4032CF0
Requests: 4 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c5c4b842-6cac-4d72-84bf-f168a1375ae6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 8F2150F7C995C6E19C20586FA569D993
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2225406d70-d341-4023-9358-0b7d5cd42c4a%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 1D5DA9542FAE78F469FD5E965786A322
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22782c3d48-43cc-415e-8b1a-797a115a52af%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: D515E8C556F79F33994C90DA5B8A4EB4
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c5c4b842-6cac-4d72-84bf-f168a1375ae6%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2225406d70-d341-4023-9358-0b7d5cd42c4a%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22782c3d48-43cc-415e-8b1a-797a115a52af%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Frame ID: 61CF46520B24D427F141756E664E877E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Австралийка придумала, как спасти новогоднюю елку от котов (ФОТО) - Новости Ю

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 80%
Detected patterns
  • hit\.gemius\.pl
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

545
Requests

87 %
HTTPS

25 %
IPv6

88
Domains

123
Subdomains

90
IPs

11
Countries

8871 kB
Transfer

13609 kB
Size

131
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO;0.48183032027126393 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO;0.48183032027126393
Request Chain 63
  • https://r.i.ua/s?u224079&p264&n0.8428801749784134&c1&d24&w1600&h1200&rnewsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO HTTP 302
  • https://i.i.ua/r/3_3_1.png
Request Chain 88
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280689&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689407&bpp=1&bdt=566&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zd3z3ympIo&p=https%3A//newsyou.info&dtd=185 HTTP 302
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Request Chain 129
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9496.c9DLcf5m2EUG0KAJ_1MVBB0nklVWQzEUqWVdw6JpwVdE2FV8hg2EIF3ziKlfPpR-.O1Vj797w9-G-IiLWblclmV9pjSk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9496.ApChbVcSr-Z7lIIIXhTHwgxJqEoL019s0HUdgyXdNhk4szcSisF32WcHGM0VC6nSTAifICB7tPSU30vUsJIrzQ%2C%2C.LAGfRWHQa7GSUExfE8SPRcjmdXQ%2C
Request Chain 166
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=fdb6e022-4399-450d-8743-19e061e3265a HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D10&cdsp=363190&user_id=fdb6e022-4399-450d-8743-19e061e3265a&sct=1 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 167
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=fdb6e022-4399-450d-8743-19e061e3265a HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D9&cdsp=363190&user_id=fdb6e022-4399-450d-8743-19e061e3265a&sct=1 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 171
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 174
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F72B2C4611600B164026ECB11&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F72B2C4611C05104E02DF0F81
Request Chain 175
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F72B2C4611400956402248215&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F72B2C4611C05104E02DF0F81
Request Chain 176
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
Request Chain 177
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
Request Chain 178
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=d0d9717c-4a41-4270-4d57-d46e0ba779df
Request Chain 179
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=93053dde-4f4c-47c9-524b-d9d91502090f
Request Chain 201
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1517%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A423974887486%3Ahid%3A225207154%3Az%3A0%3Ai%3A20211223173129%3Aet%3A1640280690%3Ac%3A1%3Arn%3A870567772%3Arqn%3A1%3Au%3A1640280690701251118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280687844%3Ads%3A0%2C181%2C691%2C1%2C0%2C0%2C%2C620%2C3%2C%2C%2C%2C1617%3Adsn%3A0%2C181%2C691%2C2%2C0%2C0%2C%2C621%2C4%2C%2C%2C%2C1617%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280690%3At%3A%D0%90%D0%B2%D1%81%D1%82%D1%80%D0%B0%D0%BB%D0%B8%D0%B9%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BB%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%81%D0%BF%D0%B0%D1%81%D1%82%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B5%D0%BB%D0%BA%D1%83%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D0%B2%20(%D0%A4%D0%9E%D0%A2%D0%9E)%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1517%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A423974887486%3Ahid%3A225207154%3Az%3A0%3Ai%3A20211223173129%3Aet%3A1640280690%3Ac%3A1%3Arn%3A870567772%3Arqn%3A1%3Au%3A1640280690701251118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280687844%3Ads%3A0%2C181%2C691%2C1%2C0%2C0%2C%2C620%2C3%2C%2C%2C%2C1617%3Adsn%3A0%2C181%2C691%2C2%2C0%2C0%2C%2C621%2C4%2C%2C%2C%2C1617%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280690%3At%3A%D0%90%D0%B2%D1%81%D1%82%D1%80%D0%B0%D0%BB%D0%B8%D0%B9%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BB%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%81%D0%BF%D0%B0%D1%81%D1%82%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B5%D0%BB%D0%BA%D1%83%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D0%B2%20%28%D0%A4%D0%9E%D0%A2%D0%9E%29%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 300
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 309
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLrBJTU8OF5WOmDvlRMIKUFMprTyN1dmE-NAGLYfwlQ8Dd4LByKFmYUATZqUA58u4EXS6VuyiKgJV0W7_is4WYnf1VwIKw&google_gid=CAESECmSO8e_17HadJiGu7eF1ik&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWN3QUFCZGRYa0F3aw&google_push=AYg5qPLrBJTU8OF5WOmDvlRMIKUFMprTyN1dmE-NAGLYfwlQ8Dd4LByKFmYUATZqUA58u4EXS6VuyiKgJV0W7_is4WYnf1VwIKw
Request Chain 310
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFpOmAR_y_YD7P5Q7U-IClM&google_cver=1&google_push=AYg5qPLxHTcR4WPe5eZGfAPguuL_mJVeqgeLw1om5g4joPlawaQXtUv8T9kgFJMZCIqcK4YhXzJHdH_NEh7A8-fdBW1QS7l3IPk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLxHTcR4WPe5eZGfAPguuL_mJVeqgeLw1om5g4joPlawaQXtUv8T9kgFJMZCIqcK4YhXzJHdH_NEh7A8-fdBW1QS7l3IPk&google_hm=Q0FFU0VGcE9tQVJfeV9ZRDdQNVE3VS1JQ2xN
Request Chain 312
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDn1ugn1EiUyBEQr1m_Wuyg&google_cver=1&google_push=AYg5qPJVKIs9NZUVfPT1CNOm4XjUVSO2DPIbsGqfhiTC2TwVZZHZpTkTO8-H1eSqIq5hqJ-cKO3MxLGyc8y7QpXrpVv6ur7q4g HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDn1ugn1EiUyBEQr1m_Wuyg&google_cver=1&google_push=AYg5qPJVKIs9NZUVfPT1CNOm4XjUVSO2DPIbsGqfhiTC2TwVZZHZpTkTO8-H1eSqIq5hqJ-cKO3MxLGyc8y7QpXrpVv6ur7q4g&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJVKIs9NZUVfPT1CNOm4XjUVSO2DPIbsGqfhiTC2TwVZZHZpTkTO8-H1eSqIq5hqJ-cKO3MxLGyc8y7QpXrpVv6ur7q4g
Request Chain 313
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC3xAoYJgw9_0xzLZwW-2Rk&google_cver=1&google_push=AYg5qPLoJTxjlCpSlS3KR5Qifdh8P7x7zUwpskpJYVrRC1NGnXgmhQ2dsydOI8ccIAWFsJ-TCBJSnp2YYjtET5aPVu60gG3tltI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJUQ0otRi04WjZC&google_push=AYg5qPLoJTxjlCpSlS3KR5Qifdh8P7x7zUwpskpJYVrRC1NGnXgmhQ2dsydOI8ccIAWFsJ-TCBJSnp2YYjtET5aPVu60gG3tltI
Request Chain 314
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0
Request Chain 322
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=fdb6e022-4399-450d-8743-19e061e3265a HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 323
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=fdb6e022-4399-450d-8743-19e061e3265a HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 330
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F72B2C4611C05104E02DF0F81
Request Chain 331
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F72B2C4611C05104E02DF0F81
Request Chain 332
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
Request Chain 333
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
Request Chain 334
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=2fea7b74-a56a-4499-5ac7-675220c33abb
Request Chain 335
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=ed3d774a-0b3d-4de2-649c-6bd8d28d10b3
Request Chain 336
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB1mUP8ZdHDTVPWIeZbeHBY&google_cver=1&google_push=AYg5qPK8USE2L0o3LW9CytMx2gNonzLsT-WYnoSYgV3vAcQuYSzNP4cezFUioGSf3DXf8peL3CljDiXCJBy_B6Zki9r_B3DDLkWB9Jl_D3hfuEuL-LshrpKdF32CJMrX3HjGzgdlGw15w10h1MzkCz31-cA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8USE2L0o3LW9CytMx2gNonzLsT-WYnoSYgV3vAcQuYSzNP4cezFUioGSf3DXf8peL3CljDiXCJBy_B6Zki9r_B3DDLkWB9Jl_D3hfuEuL-LshrpKdF32CJMrX3HjGzgdlGw15w10h1MzkCz31-cA&google_hm=OM8BTVHntGDYtSrlFwTDpQ
Request Chain 337
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL7x-fNgRNZ-5nnyMmCqsc1NMSMLQLsltBORDKRWhAlCLNuAkiOEraLATb1eO9Fb9Vi3C0enwbzMeZcPITdtj4roPPy9d1H4_D35kh_lU24QffVBl_tD3iwvPF2BoRWTYVAx6FFT_uG4F6hFGwCACw&google_gid=CAESEPW983aPcZwptskD6PVnqrc&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPPkko4GEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVlnNXFQTDd4LWZOZ1JOWi01bm55TW1DcXNjMU5NU01MUUxzbHRCT1JES1JXaEFsQ0xOdUFraU9FcmFMQVRiMWVPOUZiOVZpM0MwZW53YnpNZVpjUElUZHRqNHJvUFB5OWQxSDRfRDM1a2hfbFUyNFFmZlZCbF90RDNpd3ZQRjJCb1JXVFlWQXg2RkZUX3VHNEY2aEZHd0NBQ3c HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwS1BHQzBnUTQzVUh5TXJ2M2VNandLTW50eDdwRGpwSnU1Q0UwVGd4dzEzOA==&google_push
Request Chain 340
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIO5jmIFG37lVXe9xMekl5A&google_cver=1&google_push=AYg5qPLj4c-H7yhA2jBeOydj8ea9-92gS9AXbqFsA0UIf9gjNPypUjSkSJYNaawMFCUhfowHHSlZRIHviNJa9P6vhVth43Dd_ybQH5YiIVnEnWrdVZGMCcgBrp4oz08lq-kZzGS7UHV7FyHG64MZrgK2q1Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AmoNzn76TQGS9Ws9BMeZ1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLj4c-H7yhA2jBeOydj8ea9-92gS9AXbqFsA0UIf9gjNPypUjSkSJYNaawMFCUhfowHHSlZRIHviNJa9P6vhVth43Dd_ybQH5YiIVnEnWrdVZGMCcgBrp4oz08lq-kZzGS7UHV7FyHG64MZrgK2q1Y
Request Chain 341
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOehlUBTNBTHeN1_trE-S2w&google_cver=1&google_push=AYg5qPKNYIos-847XNEB4jeZIgtXh6nbjmxrbB3VRpDvdNE5T-5UnsFaUcmnm2ApuRY9eNZzKk9lASGacIbErjhjBNNGeWEHX7pBJYiGLqNlqxTfYrvhZlj1zczOxXWK_UCdwRlM1-QUBgpzBP5MbEnMlqY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURU4tTy1IUFdV&google_push=AYg5qPKNYIos-847XNEB4jeZIgtXh6nbjmxrbB3VRpDvdNE5T-5UnsFaUcmnm2ApuRY9eNZzKk9lASGacIbErjhjBNNGeWEHX7pBJYiGLqNlqxTfYrvhZlj1zczOxXWK_UCdwRlM1-QUBgpzBP5MbEnMlqY
Request Chain 342
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g
Request Chain 344
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELZOv5_Rb0TlP59wZdfNvlE&google_cver=1&google_push=AYg5qPIrWmV-9EkoxhbB-toj6RDdtA3o2CDrA-0qP5uGSg9PjSC5kuGjjHEMO80mplFuuVefV-oovSBxckaiOBQ0PNlcfKBqOY0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIrWmV-9EkoxhbB-toj6RDdtA3o2CDrA-0qP5uGSg9PjSC5kuGjjHEMO80mplFuuVefV-oovSBxckaiOBQ0PNlcfKBqOY0&google_hm=OM8BTVHntGDYtSrlFwTDpQ
Request Chain 345
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEGZNX2atvVUp7BoyLlrEF40&google_cver=1&google_push=AYg5qPIxegGoVSBYHwxVI7FQRJHNQZx4DfIII6qHs3iGKOjMv2JUzn922JxoIBkgYNzPvjb9ASMwQ-dcoppyt7Oc_U4jq5Mqp0NS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIxegGoVSBYHwxVI7FQRJHNQZx4DfIII6qHs3iGKOjMv2JUzn922JxoIBkgYNzPvjb9ASMwQ-dcoppyt7Oc_U4jq5Mqp0NS&google_hm=Q0FFU0VHWk5YMmF0dlZVcDdCb3lMbHJFRjQw
Request Chain 348
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA3UFjDznG2Hf0iqQVzfm6I&google_cver=1&google_push=AYg5qPJdS8KTjRipyfasWn_uy29SmNU271C3t0cykNnnP7_M_EnN24yUF-0OyAskImF8XEAdTapbZvnnrLdodhnvEy9nLzzmjapj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdS8KTjRipyfasWn_uy29SmNU271C3t0cykNnnP7_M_EnN24yUF-0OyAskImF8XEAdTapbZvnnrLdodhnvEy9nLzzmjapj
Request Chain 349
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELpy4CalA4RhhxWaXeWpGsc&google_cver=1&google_push=AYg5qPJtxFo8oxPWWlBtQFnjmE5RcACI1uyoeyFNMbd-c0X5-1xXTaAVDnXWQ6YH6cEr-b34GCC9uzgTh0DoczsWDsM3KxQ0tBF1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURU4tTi1ZWTQ=&google_push=AYg5qPJtxFo8oxPWWlBtQFnjmE5RcACI1uyoeyFNMbd-c0X5-1xXTaAVDnXWQ6YH6cEr-b34GCC9uzgTh0DoczsWDsM3KxQ0tBF1
Request Chain 350
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_cver=1&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW
Request Chain 359
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOSptyh3U8yNz4tvY_ubk5k&google_cver=1&google_push=AYg5qPLqOpAVsQbod3Xh2ZbVrUzkR1UEYNXjPyIF7P_-AecwsUF31YIqFIQMZ1pCI9sDBEjrMP6LJcyHceD1HYOn-VJoe2U7e94IkLylJiVzWFcUW7U3o08pph3DIvLGPFh3wBn-GtQfUEaeLz47n1Xk2w HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLqOpAVsQbod3Xh2ZbVrUzkR1UEYNXjPyIF7P_-AecwsUF31YIqFIQMZ1pCI9sDBEjrMP6LJcyHceD1HYOn-VJoe2U7e94IkLylJiVzWFcUW7U3o08pph3DIvLGPFh3wBn-GtQfUEaeLz47n1Xk2w&google_hm=OM8BTVHntGDYtSrlFwTDpQ
Request Chain 360
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKCIdXS78n7q82VKDQa_Wwk&google_cver=1&google_push=AYg5qPI9db3QR6isrJFcdWLbXSU8oEuc8om7tCA2yYmbUZCE7CqznjGpSwO7SHbLDZ0BuwjEstoqOws_-bDGwWeJC9dIOchWowbpQ--up854duJ8XfypxNUof4MWAKjR9ycpmMdjJUAxLvE61K22RtD8VsM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI9db3QR6isrJFcdWLbXSU8oEuc8om7tCA2yYmbUZCE7CqznjGpSwO7SHbLDZ0BuwjEstoqOws_-bDGwWeJC9dIOchWowbpQ--up854duJ8XfypxNUof4MWAKjR9ycpmMdjJUAxLvE61K22RtD8VsM&google_hm=Q0FFU0VLQ0lkWFM3OG43cTgyVktEUWFfV3dr
Request Chain 363
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB0SAGFbmTlQMVrftCM_BgY&google_cver=1&google_push=AYg5qPJxPGrHODS_wcRQCtkTQi52cIHkjSLUSQmFL0Im-hwzWTT3EdUKx3ZBXZWACTCOEs2SihH7qGsLqW2brPnRqi4tdAE-Ee-n_UtSSzo8_37ikRwUl4yC14JLPCOidIVSd_OVQ16Wd_eIgWYgJr5QtA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJxPGrHODS_wcRQCtkTQi52cIHkjSLUSQmFL0Im-hwzWTT3EdUKx3ZBXZWACTCOEs2SihH7qGsLqW2brPnRqi4tdAE-Ee-n_UtSSzo8_37ikRwUl4yC14JLPCOidIVSd_OVQ16Wd_eIgWYgJr5QtA
Request Chain 364
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAN7VnJU3pV81lFKAnJrUKI&google_cver=1&google_push=AYg5qPJM4UqgzQzaRlOpQ8MHdO1-uJimFt5fEFPDc5aZmRfKXeFH5EKMqvKZLSVthP-Vo6K9MLX45wUGJv9C_9pdxGAgKs7zcLDHpcOV82PQc6ST5XWCdXlBXSlI3tYjQZ9R-reUZ3rnCsPAW8bFY_L14Ds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURjEtMVgtQ0xXNA==&google_push=AYg5qPJM4UqgzQzaRlOpQ8MHdO1-uJimFt5fEFPDc5aZmRfKXeFH5EKMqvKZLSVthP-Vo6K9MLX45wUGJv9C_9pdxGAgKs7zcLDHpcOV82PQc6ST5XWCdXlBXSlI3tYjQZ9R-reUZ3rnCsPAW8bFY_L14Ds
Request Chain 365
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAaAJ_IOYCTd_DGtl5rfYqg&google_cver=1&google_push=AYg5qPJnaOyBO4wf0cn_JzdeaAogV-4-EiwU8OWrauAOc_8EFy8V1VXDPsRCliR6-_7Axt9Mt53GxItfQ-mj21LD9kjQ7T1WJMy_eo3Hukt-GbDJit42MS0NJQR-AZw5nBAUorOCbsfK1ZVbE-fLfNxGsBI HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJnaOyBO4wf0cn_JzdeaAogV-4-EiwU8OWrauAOc_8EFy8V1VXDPsRCliR6-_7Axt9Mt53GxItfQ-mj21LD9kjQ7T1WJMy_eo3Hukt-GbDJit42MS0NJQ&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 372
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 373
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 377
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJoX7VOKoBHTzj0nczzmK6sD5ucK9u3la3GYVVh4-HFmle1qb6HSA5wTlZ1kQRrLyH2mPspwNhKVxNkZScdorvIUYSVDiUVa1K7NuoC1t_zN5Fyi0ERcZ6BtouFQuPh_OZAmqHdJUNGo6lZKmBtIdE&google_gid=CAESELya9sZNjWeSDhRqHP_EbWc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWN3QUFCZkJ2TjFrUw&google_push=AYg5qPJoX7VOKoBHTzj0nczzmK6sD5ucK9u3la3GYVVh4-HFmle1qb6HSA5wTlZ1kQRrLyH2mPspwNhKVxNkZScdorvIUYSVDiUVa1K7NuoC1t_zN5Fyi0ERcZ6BtouFQuPh_OZAmqHdJUNGo6lZKmBtIdE
Request Chain 378
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEL6OYWbRn2UQxScjH5SNxh4&google_cver=1&google_push=AYg5qPI9OtofEc6iduwTAwzCiU20MZnbAzJ7a9XCBzTdWgy7LQnbZc1FJLiv2zqe8W561cL31QpT4sWFJ2xhwcjm_GcSSUTWpOOnH3LDsQMuFhbzVYCDdrDJnc18GKA8A9ItvDvHs_MvRiIOJGdUodDX1TA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI9OtofEc6iduwTAwzCiU20MZnbAzJ7a9XCBzTdWgy7LQnbZc1FJLiv2zqe8W561cL31QpT4sWFJ2xhwcjm_GcSSUTWpOOnH3LDsQMuFhbzVYCDdrDJnc18GKA8A9ItvDvHs_MvRiIOJGdUodDX1TA&google_hm=Q0FFU0VMNk9ZV2JSbjJVUXhTY2pINVNOeGg0
Request Chain 381
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI4wOXxsd_MU3nATrrupqZc&google_cver=1&google_push=AYg5qPJeE253Fp7GJon2wO9yH6swTso2gRNJtDQ8xdSkEtQZyvxGPpBUXp7m9UdiQ4W6K0FrJ29qN9kzI1VxBNuMUsfO3gzsERwRs6Ro4ry1doiQ99byaeseAtxZ4Jpknp8Q_5rF-Ja36aE8F4PWOOuDWC8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJeE253Fp7GJon2wO9yH6swTso2gRNJtDQ8xdSkEtQZyvxGPpBUXp7m9UdiQ4W6K0FrJ29qN9kzI1VxBNuMUsfO3gzsERwRs6Ro4ry1doiQ99byaeseAtxZ4Jpknp8Q_5rF-Ja36aE8F4PWOOuDWC8
Request Chain 382
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw
Request Chain 383
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMlPEMTXR9vsvBIIzJCbrNg&google_cver=1&google_push=AYg5qPJc10RwSx3GOpuIMZe7-tUsJIHAzlmHhknavJYyCazVV308yMR6ngP301QDazaT8puh02bu8mp61HScXsG0u6xJ0I9aALzS2n3JeG5FO_ffD-yWZs4EI-tXHMn9jaCbzvICtZtQJhxRsrHqw583byqr HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJc10RwSx3GOpuIMZe7-tUsJIHAzlmHhknavJYyCazVV308yMR6ngP301QDazaT8puh02bu8mp61HScXsG0u6xJ0I9aALzS2n3JeG5FO_ffD-yWZs4EI-&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 389
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnICY0OO_SnNAg== HTTP 302
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnICY0OO_SnNAg==&bounce=1
Request Chain 390
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsnICY0OO_SnNAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/188CzdHEifbwxRCUHM8c
Request Chain 391
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsnICY0OO_SnNAg== HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsnICY0OO_SnNAg==&tuid=-4405859626 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AVoiAtcQcV0u4ugqbEZA1rQ
Request Chain 393
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsnICY0OO_SnNAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/188CzdHEifbwxRCUHM8c
Request Chain 394
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsnICY0OO_SnNAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F72B2C4611C05104E02DF0F81
Request Chain 401
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJl5Ws7K-NVYtIAmn88jpa0&google_cver=1&google_push=AYg5qPJ8EyV66IJkdFwIK-Wc0zA987iJz8ADU9rA1DBCFkWObP5W4VdEq6T-A7e4JKN8mkRGgV4HFWX6yyPlq3ofZEMNFCjTwo4N6ud8cgLfFYgO4gkraOI8YZklJWCTdRnVUzHjNxATSQuelmfsZqYg91E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ8EyV66IJkdFwIK-Wc0zA987iJz8ADU9rA1DBCFkWObP5W4VdEq6T-A7e4JKN8mkRGgV4HFWX6yyPlq3ofZEMNFCjTwo4N6ud8cgLfFYgO4gkraOI8YZklJWCTdRnVUzHjNxATSQuelmfsZqYg91E&google_hm=Q0FFU0VKbDVXczdLLU5WWXRJQW1uODhqcGEw
Request Chain 403
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLwYM0_n_Z9xllHY2sdCfe_aEYpnLE-kg0-GgtD_FP6LwnJLOOvKp3wiuysIL1VVdOpKuAejgmJIF5F5CfQ_tTzmFBXN3wwm9y9aZMe4q1i99q83sPxSn-sU94U4kC-64H4eoOWEstONhVp3jy3Bgs&google_gid=CAESEBxRNy2j_Z-MEREw3KsF3vY&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLwYM0_n_Z9xllHY2sdCfe_aEYpnLE-kg0-GgtD_FP6LwnJLOOvKp3wiuysIL1VVdOpKuAejgmJIF5F5CfQ_tTzmFBXN3wwm9y9aZMe4q1i99q83sPxSn-sU94U4kC-64H4eoOWEstONhVp3jy3Bgs&google_gid=CAESEBxRNy2j_Z-MEREw3KsF3vY&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzEwMDAxMjY1OTIwMDI3Mw%3D%3D&google_push=AYg5qPLwYM0_n_Z9xllHY2sdCfe_aEYpnLE-kg0-GgtD_FP6LwnJLOOvKp3wiuysIL1VVdOpKuAejgmJIF5F5CfQ_tTzmFBXN3wwm9y9aZMe4q1i99q83sPxSn-sU94U4kC-64H4eoOWEstONhVp3jy3Bgs
Request Chain 405
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIkI_C4wv3wBLKCXQpEUPeQ&google_cver=1&google_push=AYg5qPKz4e6qZSmJ3BR3RgPp_HISjS6CQiGtzJrtG3o2TyalrGPK7qJ--0N7e0amGqNl83fmxI5Ytj3Py3tfNIamMLeqhi5A6kb1BZA8EaWChlaIXJxvT8zCrgZP79cy6n1IRjkbOqDLVeV_PeD5bHLrqxk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJUSFYtTS0zWDdW&google_push=AYg5qPKz4e6qZSmJ3BR3RgPp_HISjS6CQiGtzJrtG3o2TyalrGPK7qJ--0N7e0amGqNl83fmxI5Ytj3Py3tfNIamMLeqhi5A6kb1BZA8EaWChlaIXJxvT8zCrgZP79cy6n1IRjkbOqDLVeV_PeD5bHLrqxk
Request Chain 406
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJYk2lBHSTcckt1cexRiEKk&google_cver=1&google_push=AYg5qPKGc6Vsc0n0GrYluRAiUuYJWXcS1shQunAUgx6zsvG-25lrhGHJSgvcqDPdBV0nssmvdXSrGW5BQbVSdFjymlwJWM4kfa4CkkBpsdIvCugD5mvBQ31ttpLoWafKDWfHbC4YtvoDd01gYABwjzwNOyCq HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKGc6Vsc0n0GrYluRAiUuYJWXcS1shQunAUgx6zsvG-25lrhGHJSgvcqDPdBV0nssmvdXSrGW5BQbVSdFjymlwJWM4kfa4CkkBpsdIvCugD5mvBQ31ttp&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 441
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313160669259069X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122318313160669259069X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313160669259069X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Request Chain 444
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122318313160669259053X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313160669259053X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Request Chain 452
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJru0t-5-vQCFW_vuwgdLDwIsQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280691_2b1f9170-6416-11ec-aa5f-2261f8d01a34
Request Chain 459
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313160669259059X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122318313160669259059X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313160669259059X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Request Chain 462
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122318313160669259061X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313160669259061X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Request Chain 527
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Request Chain 528
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=YNJJskXcjirLS1K7KiZ8&pi=mgid&tc=1
Request Chain 529
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJudTJFal8yRXY5&muidn=lbnu2Ej_2Ev9 HTTP 302
  • https://cm.mgid.com/google?muidn=lbnu2Ej_2Ev9&google_ula={guid},5&google_gid=CAESEKeGx9UsfBtMzajx13GvZgw&google_cver=1
Request Chain 530
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=9c50a8c3-32cb-4fe7-b49b-4ad977eda77e
Request Chain 531
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=1&user_id=7G9Pr7hsG6n3OB-vvDsBq7s_Gq33aBqr4jjfi9Do
Request Chain 533
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=fe13da32-3e8f-4da9-8e82-3ef29dd24300&ttl=1642872692
Request Chain 534
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=93428507-8b1e-4435-8e36-f63c0c526bc4
Request Chain 535
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbnu2Ej_2Ev9 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=4384626336298261444&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 538
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbnu2Ej_2Ev9 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=7ec4233b-89ab-4efe-a6f6-ac92b315b407

545 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
newsyou.info/ 		105 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
0915647be71a23f06acaa3e4c6da4a08e09c448f57d07c1b8a0b7c3efc280002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:14 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
28122
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Link
<https://newsyou.info/wp-json/>; rel="https://api.w.org/", <https://newsyou.info/wp-json/wp/v2/posts/584222>; rel="alternate"; type="application/json", <https://newsyou.info/?p=584222>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
mainstyle10.css
newsyou.info/ 		36 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/mainstyle10.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37351
Expires
Thu, 30 Dec 2021 17:26:14 GMT
magnific-popup.css
newsyou.info/wp-content/themes/newsyou/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/css/magnific-popup.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:07 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6951
Expires
Thu, 30 Dec 2021 17:26:14 GMT
jquery-1.11.1.min.js
newsyou.info/wp-content/themes/newsyou/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/jquery-1.11.1.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
Expires
Thu, 30 Dec 2021 17:26:14 GMT
scripts.js
newsyou.info/wp-content/themes/newsyou/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/scripts.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23604
Expires
Thu, 30 Dec 2021 17:26:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a73277f8256e35b53d78e4bcca364ca7bb907ead0bf58eceeda4372a04b5862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51837
x-xss-protection
0
server
cafe
etag
5387107853960471748
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:29 GMT
script.js
vcmjf535tx.ru/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vcmjf535tx.ru/script.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
93295644da9af673ecf074ce2a3962f685662b6f69c498a77a37e4708b84ce5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-adsbid-request
ufwqh8wovig5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
server
nginx/1.18.0
otv1l7192ivl0pmy03q8h867quv768kypg019a.php
ocmurc.com/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 11:24:02 GMT
server
nginx/1.14.2
etag
"61714dd2-4abc"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
19132
smi.js
jsn.24smi.net/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/smi.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72eb47be0de224add691e0ad18bf8ff3decae4be687d16893ae7bf2be0759fed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 09:02:21 GMT
server
cloudflare
age
253
etag
W/"6166a09d-15d1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352e4a91559b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:27:16 GMT
gqzgemrxgm5ha3ddf43tkoi
calculator.codes/code/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://calculator.codes/code/gqzgemrxgm5ha3ddf43tkoi
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8f8612f9c5dd788cd2a7985006199d0363f9c92d2c8015d1e2c337584f6d0e02
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:29 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
style.min.css
newsyou.info/wp-includes/css/dist/block-library/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:37 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80574
Expires
Thu, 30 Dec 2021 17:26:14 GMT
wp-automatic.css
newsyou.info/wp-content/plugins/wp-automatic/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/css/wp-automatic.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Wed, 24 Nov 2021 08:11:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2713
Expires
Thu, 30 Dec 2021 17:26:14 GMT
jquery.min.js
newsyou.info/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:29 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89521
Expires
Thu, 30 Dec 2021 17:26:14 GMT
jquery-migrate.min.js
newsyou.info/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:28 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
Expires
Thu, 30 Dec 2021 17:26:14 GMT
main-front.js
newsyou.info/wp-content/plugins/wp-automatic/js/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/js/main-front.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:14 GMT
Last-Modified
Wed, 24 Nov 2021 08:11:36 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1017
Expires
Thu, 30 Dec 2021 17:26:14 GMT
logo.png
newsyou.info/wp-content/themes/newsyou/img/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:08 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24862
Expires
Thu, 30 Dec 2021 17:26:15 GMT
2694868.jpg
newsyou.info/wp-content/uploads/2021/12/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/2694868.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
42f1001a0d21e42b0a40b9ff231b0ba95c48b4fd2fa21d3e4f1aba15e202b018

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 19:36:37 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115802
Expires
Thu, 30 Dec 2021 17:26:15 GMT
view.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/view.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15253
Expires
Thu, 30 Dec 2021 17:26:15 GMT
JP1qtZVugHn4XCGbHKCu5CvsFEoAMWfovjsOTqvJ.jpeg
newsyou.info/wp-content/uploads/2021/12/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/JP1qtZVugHn4XCGbHKCu5CvsFEoAMWfovjsOTqvJ.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
578b130d8727e233ece4772e7fd7680c22d200c00c76135d141a9ce2327f9126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Tue, 21 Dec 2021 19:02:52 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50434
Expires
Thu, 30 Dec 2021 17:26:15 GMT
8c5b19b-16poroshenko-1024x610-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/8c5b19b-16poroshenko-1024x610-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
584cef30c8b0276d0fa2b0a7999ca5eb2de381f83546601106665e47d538f23c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Tue, 21 Dec 2021 19:00:58 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53266
Expires
Thu, 30 Dec 2021 17:26:15 GMT
menum.png
newsyou.info/wp-content/themes/newsyou/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/menum.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3725
Expires
Thu, 30 Dec 2021 17:26:15 GMT
sbtn.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/sbtn.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15582
Expires
Thu, 30 Dec 2021 17:26:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5994697028380609
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b0b95743838e3e37f94068193d4937c1c7424f0879e9845ff1930b76119fb45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51801
x-xss-protection
0
server
cafe
etag
9109709742081560599
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:29 GMT
loader.js
news.2xclick.ru/ 		102 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Nov 2021 08:40:17 GMT
Server
nginx/1.10.3
ETag
"61a5e371-4e4d"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
20045
Expires
Fri, 24 Dec 2021 17:31:29 GMT
aa7d8b75-88b19c60fb041859d9fa764b727b801f.jpg
newsyou.info/wp-content/uploads/2021/12/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/aa7d8b75-88b19c60fb041859d9fa764b727b801f.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f9cae5cdc6c79866685dfd722cb90c811b63814e1832e3b3f581fc334f01f44e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 23 Dec 2021 16:15:30 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56399
Expires
Thu, 30 Dec 2021 17:26:15 GMT
269805583_10217608426876614_2904607566396503516_n-e1640262157947.jpg
newsyou.info/wp-content/uploads/2021/12/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/269805583_10217608426876614_2904607566396503516_n-e1640262157947.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9ef5c9fc195c8285626f31941962c165336f0fb8d0fe7b86fd52adb5b723d1e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 23 Dec 2021 15:43:40 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84029
Expires
Thu, 30 Dec 2021 17:26:15 GMT
newsyou.info.1122348.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
cf-cache-status
HIT
age
3458
last-modified
Thu, 25 Nov 2021 11:26:29 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T72570RD0NPJGY08
x-amz-id-2
a28riq9jUGJJUVnKtT/pPOakUJ/WNw4ov5gAPz8DHVaSeh451uIM0yF56/HmeLWFnFnvFX0c6mE=
cf-bgj
minify
server
cloudflare
etag
W/"4a5ade7ca18e6cd9b124c7e488981183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2352e4bf112b59-FRA
expires
Thu, 23 Dec 2021 20:31:29 GMT
newsyou.info.1146775.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
cf-cache-status
HIT
age
3458
last-modified
Thu, 25 Nov 2021 11:17:38 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VEGVT66BEMX4F1J1
x-amz-id-2
AI3/DIVSFpgmpWwOYqkeqn33GG85H2ENhud+ExCWyL8YWoRV8GzXXP9xMOUlvUgAywszU3keT14=
cf-bgj
minify
server
cloudflare
etag
W/"954fed81ee1ba109d87b56eb30d13bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2352e4bf1c2b59-FRA
expires
Thu, 23 Dec 2021 20:31:29 GMT
1640252769_4184.svg
newsyou.info/wp-content/uploads/imga6695d8/23-12-21/ 		327 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/23-12-21/1640252769_4184.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
b1d8189f87b428e1e35303478ce05cf5100756c6deaf1e8517be0c2d5554c87c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 23 Dec 2021 09:46:09 GMT
Server
nginx/1.2.1
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
327
Expires
Thu, 30 Dec 2021 17:26:15 GMT
%D0%91%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD-%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB-%D0%B1%D1%83%D0%B4%D0%B5%D1%82-%D0%BB%D0%B8-%D0%BE%D0%BD-%D0%B1%D0%B0%D0%BB%D0%BB%D0%BE%D1%82%D0%B8%D1%80...
newsyou.info/wp-content/uploads/2021/12/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%91%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD-%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB-%D0%B1%D1%83%D0%B4%D0%B5%D1%82-%D0%BB%D0%B8-%D0%BE%D0%BD-%D0%B1%D0%B0%D0%BB%D0%BB%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F-%D0%BE%D0%BF%D1%8F%D1%82%D1%8C.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c71cfdc5d8624558e2cc670a0dfacfca40f7bafd4f1393ed067e4e381ad8e6e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 23 Dec 2021 05:37:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64815
Expires
Thu, 30 Dec 2021 17:26:15 GMT
https___ukr.media_static_ba_aimg_4_3_5_435738_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435738_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
fd42eb21f950a6ebd0e3eb2b9194232ddb6e1421fab1503b03a6d16a7476aecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 08:25:28 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198298
Expires
Thu, 30 Dec 2021 17:26:15 GMT
shutterstock_568076731-750x400-2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/shutterstock_568076731-750x400-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
86c269f58ff013e4c961ae50583e44adfd794f0d415030a549cf2f92db0295b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 07:02:56 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26485
Expires
Thu, 30 Dec 2021 17:26:15 GMT
https___ukr.media_static_ba_aimg_4_3_5_435758_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435758_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
7bea74a8949fb8732fcd7fa98dc7f441dde603024aa79ddd781521c85dd33b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 08:23:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108153
Expires
Thu, 30 Dec 2021 17:26:15 GMT
Muesli_Coffee_Fruit_46766-750x400-2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/Muesli_Coffee_Fruit_46766-750x400-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0b033515b1023d80f80ee227136cf5509f6e5b66bb39450ddafa1d1bb5b2acab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 06:59:08 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84867
Expires
Thu, 30 Dec 2021 17:26:15 GMT
2694720-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/2694720-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f2748fdac882bab3f3e1215e9946e0bb4a1b8a1af4c9a6b124e86ceda52ec531

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 19:38:29 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113443
Expires
Thu, 30 Dec 2021 17:26:15 GMT
%D0%92%D0%BB%D0%B0%D1%81%D1%82%D0%B8-%D0%94%D0%B5%D0%BB%D0%B8-%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D0%B8%D0%BB%D0%B8-%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%A0%D0%BE%...
newsyou.info/wp-content/uploads/2021/12/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%92%D0%BB%D0%B0%D1%81%D1%82%D0%B8-%D0%94%D0%B5%D0%BB%D0%B8-%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D0%B8%D0%BB%D0%B8-%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%A0%D0%BE%D0%B6%D0%B4%D0%B5%D1%81%D1%82%D0%B2%D0%BE-%D0%B8-%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9-%D0%B3%D0%BE%D0%B4.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
96365d0efa97cf43a947425785b2bad3f7eb518f6222143d2674cbf29fe92d3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 23 Dec 2021 02:36:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86952
Expires
Thu, 30 Dec 2021 17:26:15 GMT
%D0%94%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D1%82-Nutella-%D0%9A-%D1%87%D0%B5%D0%BC%D1%83-%D0%B5%D1%89%D0%B5-%D0%BF%D1%80%D0%B8%D0%B2%D0%B5%D0%B4%D0%B5%D1%82-%D0%BE%D0%B1%D0%B2%D0%B0%D0%BB-%D0%BB%D0%B8%D1...
newsyou.info/wp-content/uploads/2021/12/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%94%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D1%82-Nutella-%D0%9A-%D1%87%D0%B5%D0%BC%D1%83-%D0%B5%D1%89%D0%B5-%D0%BF%D1%80%D0%B8%D0%B2%D0%B5%D0%B4%D0%B5%D1%82-%D0%BE%D0%B1%D0%B2%D0%B0%D0%BB-%D0%BB%D0%B8%D1%80%D1%8B.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1e98a3ede349fecfd14a4b6cefad84f9b31076e53f30fb2bbb63adcd54f0f64f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 23:35:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200937
Expires
Thu, 30 Dec 2021 17:26:15 GMT
1640255354_6952.jpg
newsyou.info/wp-content/uploads/imga6695d8/23-12-21/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/23-12-21/1640255354_6952.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ebe43817c43c329b2bcf2d0c367782a3085ca9afe0134f56c778be2dfc5bd4d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 23 Dec 2021 10:29:14 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
296043
Expires
Thu, 30 Dec 2021 17:26:15 GMT
%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%9F%D0%B0%D0%B2%D0%BB%D0%B0-%D0%93%D0%BB%D0%BE%D0%B1%D1%8B-%D0%BD%D0%B0-17-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021-%D0%B2%D1%81%D0%B5-%D0...
newsyou.info/wp-content/uploads/2021/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%9F%D0%B0%D0%B2%D0%BB%D0%B0-%D0%93%D0%BB%D0%BE%D0%B1%D1%8B-%D0%BD%D0%B0-17-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021-%D0%B2%D1%81%D0%B5-%D0%B7%D0%BD%D0%B0%D0%BA%D0%B8-%D0%B7%D0%BE%D0%B4%D0%B8%D0%B0%D0%BA%D0%B0.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ed79ab516c86cb0b3da37d48ebca6f7b1f0b979325cb02db26bf5208cf00dbd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 16 Dec 2021 14:33:06 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48264
Expires
Thu, 30 Dec 2021 17:26:15 GMT
197_olya_polyakova2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/197_olya_polyakova2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
62c9183ace7ffb179b0dcfe1b88a807e6bc9a649eb6dd0936b7ba94528524929

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 20:54:15 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193201
Expires
Thu, 30 Dec 2021 17:26:15 GMT
40c4bb177b051d9f40ffa69414b2d5e9.jpeg
newsyou.info/wp-content/uploads/2021/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/40c4bb177b051d9f40ffa69414b2d5e9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8b659f72017df1d6cdc07307be915ec445d7640648eda9f055cffa10dafdc722

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Wed, 22 Dec 2021 20:49:10 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72552
Expires
Thu, 30 Dec 2021 17:26:15 GMT
%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E-%D1%81-13-%D0%BF%D0%BE-19-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B...
newsyou.info/wp-content/uploads/2021/12/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E-%D1%81-13-%D0%BF%D0%BE-19-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
dbe0cf6b50ec23fd38afc516f0b26906780ec018276247a735f51a47a7aa76fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Sat, 11 Dec 2021 02:00:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
187735
Expires
Thu, 30 Dec 2021 17:26:15 GMT
newsyou.info.1024868.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
cf-cache-status
HIT
age
3037
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VJDH08A10XP55WF1
x-amz-id-2
dHzn/3sEgEOM/mEzVYQYC4D8BZGGCpMWn3Vb0dvbCMYhBGNvhecteUF4ctWNa/kXiw9d/LIYuDY=
cf-bgj
minify
server
cloudflare
etag
W/"49a1b7d557a988c4e4f78eb5f865547e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2352e4bf1e2b59-FRA
expires
Thu, 23 Dec 2021 20:31:29 GMT
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1779782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2695
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-31fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy3Bj%2BNBb5NrDnlz4lKSDSMVf2oKx3Uk%2FfELAHc2AUuU5oiltHjp0T2PJQX3LOnwg%2FxAlDV54cLeCyFeT%2FZEz18hM%2BOS%2FzSRsR9Q2d%2BdTqDur8wbfqEUyB2tj0HSEpYI1ycTt5DDAs%2FUBMqzxmRC9wEf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c2352e4885483b8-MXP
expires
Tue, 13 Dec 2022 17:31:29 GMT
jquery.fancybox.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		157 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1779054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32145
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-2739b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T87OsEve%2FaKHzVPOfnlKnPVtw0boemxYwMNU8WmsEgqwiqMGrOtx3nlrbVyG6DNCkrsieWDyNrDAVSmx2ECp222FDvP3trp5mPi%2FzIEMcZ3qWIjWGd6ujR8khNAiATOT1p8GriCaWCawt2RYtiNZn9dq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c2352e4885783b8-MXP
expires
Tue, 13 Dec 2022 17:31:29 GMT
rotator.js
newsyou.info/wp-content/themes/newsyou/js/ 		207 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/rotator.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207
Expires
Thu, 30 Dec 2021 17:26:15 GMT
av.js
ppvesdfiojol.com/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/av.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:25:30 GMT
server
nginx
etag
W/"618ce18a-b8fc"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=60
content-type
application/javascript
x-variti-ccr
412103001:1
expires
Thu, 23 Dec 2021 17:32:29 GMT
media
a4p.adpartner.pro/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
7e436efe4ae1cd0ebb3e5fef30ea54de8151e1dfabd9cdc0abe1b87e7b216183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
truncated
/ Frame 5325 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6d89e3b5fe9105c2adc070949d5b9f61a63700b8227950e4ea732b1c5699519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
76ujLEOM+yzqrjMj0l8b3Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
mb1QizgZStI6UyYQjpaLCzs1H4plBaQzoB/adzdvVELJjovmnYDJ2PXib621HluN/tfmytAWjtpxsSKzasWqbg==
x-fb-trip-id
917726464
x-fb-content-md5
5bbc8fa26995ad49782b4e26ec6e66ae
x-frame-options
DENY
date
Thu, 23 Dec 2021 17:31:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3dcaf8b0bf95a7314cc92248bf1559b8"
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:48:38 GMT
b286ae57.js
pxksnymto.ru/pixels/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/b286ae57.js
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
menu.png
newsyou.info/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/menu.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:15 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2563
Expires
Thu, 30 Dec 2021 17:26:15 GMT
/
www.instagram.com/p/BNG6WrSgjLA/embed/captioned/ Frame C32A 		49 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45f859876051453f994e911f45cbcafe20953e7cf06a289715f9094b38ce8a77
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

content-type
text/html; charset=utf-8
x-accel-buffering
no
vary
Accept-Language, Cookie, Accept-Encoding
content-language
de
date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only
require-corp;report-to="coep"
report-to
{"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial
AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop"
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
48
access-control-expose-headers
X-IG-Set-WWW-Claim
x-ig-request-start-time
871474019.829884
x-ig-request-end-time
871474077
x-ig-origin-region
rva
x-fb-trip-id
1679558926
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
index.php
telegram.im/widget-button/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 23 Dec 2021 17:31:28 GMT
Server
nginx
Strict-Transport-Security
max-age=0
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.30747958825317845
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
907af162f672cea1650def46927f38c924ad384a97d70cbfeba3112a94b7240a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.8744593066016242
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
151c06c923bac8754c9adb23cc21cc04c078aedb2b2702461be9adc440c14a42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.6630212333145746
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
2c6da72d57c6bf45064a2787e171816cc08c298bcc6219952a2d0910c2848b41
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13245.js
jsn.24smi.net/d/6/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
33
etag
W/"6152c8b3-c46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352e4e9de59b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:56 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7880&r=0.486926441430795
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
19a37d362d6722180848f57ad29e94769278dfb86cdac77c8f43bcc0ff76f3ca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13267.js
jsn.24smi.net/4/0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
33
etag
W/"6152c8b3-b81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352e51b4a59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:56 GMT
13248.js
jsn.24smi.net/e/7/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
33
etag
W/"6152c8b3-900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352e51b4759a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:56 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.10496876377809916
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
7f3300b622d75ac47835fbabadc40226e1aefd7f5515d54d7654f3c69b4447d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=6822&r=0.7983827190963799
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
f62d5f0004cf17df8c41fb5d26e38731b0878d051196ef21eb4d617046bae912
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO;0.48183032027126393
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO;0.48183032027126393
149 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO;0.48183032027126393
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.17.9 /
Resource Hash
9eec64368167047f9d996ee210b6d3bb01980aabadd30d0c9a65c6ed78bbd35e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:29 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
149
Expires
Tue, 22 Dec 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:29 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO;0.48183032027126393
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 22 Dec 2020 21:00:00 GMT
3_3_1.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u224079&p264&n0.8428801749784134&c1&d24&w1600&h1200&rnewsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
  • https://i.i.ua/r/3_3_1.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_1.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Server
91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
sh02.mi6.kiev.ua
Software
nginx /
Resource Hash
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:29 GMT
Last-Modified
Mon, 19 Mar 2007 13:53:49 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1233
Expires
Fri, 23 Dec 2022 17:31:28 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:29 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://i.i.ua/r/3_3_1.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6995
date
Thu, 23 Dec 2021 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 17:34:54 GMT
tag.js
mc.yandex.ru/metrika/ 		194 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-10765"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67429
expires
Thu, 23 Dec 2021 18:31:29 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 0BA5 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 22 Dec 2021 18:36:45 GMT
expires
Wed, 05 Jan 2022 18:36:45 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
82484
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ppvesdfiojol.com/ 		83 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
26ea166e3cfec1a87808c475d4962c062eace8fc7a9e160f8c6d34595b94c69a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
412103001:2
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
utarget.ru/ranging/00cb2399e4/js/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/ranging/00cb2399e4/js/?rand=1731&cookie=0
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
bfa2c0fdfc43225f1a7250a9a307e790762e95ce1270aa20f5f54ddbfdcf6118

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:29 GMT
Server
nginx
P3P
CP="NON DSP COR CURa TIA"
Vary
Accept-Language, Cookie
Content-Language
ru
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=utf-8
6ed056a9.js
pxksnymto.ru/pixels/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/6ed056a9.js
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
sdk.js
connect.facebook.net/ru_RU/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=323e44a776a35b938ef778f7b07c4abb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfe0de6e117fe3ddc32d7d5bc796bc279a336a4a70f8236eb9a45f743fad8e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ouSOhGqWrq1gLIRWEWoFtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83502
x-fb-rlafr
0
x-fb-debug
+w6H3y6SWOasClU026hZjcZFkCXtTMnfLNqDzyc4Eo1d4jyQuy9gdiDON2UVRMS0k708t/ARCb9hfFCzJu0A3g==
x-fb-content-md5
c405d8e17f05f0fab437c33328c1ec1d
x-frame-options
DENY
date
Thu, 23 Dec 2021 17:31:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8c7705cd52a9f12346363f47a8f0b964"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Dec 2022 16:56:14 GMT
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
cf-cache-status
HIT
age
3384
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RC20466EQDSMKB74
x-amz-id-2
wjLf5GDA4qP53hmCzSKeiCACTuV3faSjipVI7ZK729oaeXQf2DBL7mbyK8HhIkpzM1cZE/a+lHo=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2352e56f5d6945-FRA
expires
Thu, 23 Dec 2021 20:31:29 GMT
newsyou.info.1024868.es6.js
jsc.mgid.com/n/e/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
cf-cache-status
HIT
age
3680
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
EKNC2B056DVH381Q
x-amz-id-2
YoWbhVXUKecBzFeX+qTy0G0/QGN72sA2N5Hh7rsY2eelGDMKodHQNpiElPqbCwXtXt6ehycXwoE=
cf-bgj
minify
server
cloudflare
etag
W/"04e832b814fb49973f6ea86d571d84a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2352e56f606945-FRA
expires
Thu, 23 Dec 2021 20:31:29 GMT
newsyou.info.1146775.es6.js
jsc.mgid.com/n/e/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
br
cf-cache-status
HIT
age
3384
last-modified
Thu, 02 Dec 2021 15:50:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
6YY7XMJG5B0FXM6E
x-amz-id-2
FS7rXj34WLuvtkUZ21it+mYswuZvNkX+p9qe+y1DDq2omXJ1ALpy+5nkbP0s/ofO2SWnfXImJ7U=
cf-bgj
minify
server
cloudflare
etag
W/"bc159291689d374b57f73dde254fa617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2352e56f5a6945-FRA
expires
Thu, 23 Dec 2021 20:31:29 GMT
cfg
data.24smi.net/ 		391 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=14482&ver=27&pio=true&pps=true&callback=__smiCb1640280689490
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
6b59d92706ff19dbb5da12e89f7f23b020f687c3461177be79f12967b2f6b2ff
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store
server
nginx
content-length
391
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
cfg
data.24smi.net/ 		392 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13245&ver=27&pio=true&pps=true&callback=__smiCb1640280689491
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
d6d562a46bb2bb71db0358cadf8e9ee6037d64fe8b8bb2f2954756d417875e1f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
z
s.zmctrack.net/ Frame C0CD 		52 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
3a2eec023adc8c05274eed54b4443f2a95502bba843fe0685313d992785f7c6e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23804
expires
Thu, 01 Jan 1970 00:00:01 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsyou.info&callback=_gfp_s_&client=ca-pub-5994697028380609
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
1388349c524397d81d70db145e61afd336d7916d99c7e5bac6cd100bd20b0e97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FD47 		30 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=3025194257&lmt=1640280689&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689405&bpp=2&bdt=564&idt=133&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3890625747124&frm=20&pv=2&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf63cb4a4b9e5bfa7166ac88710acacdc7bfa0e1a6b14b218838bb08b622eee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:29 GMT
server
cafe
content-length
6321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
private
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13248&ver=27&pio=true&pps=true&callback=__smiCb1640280689492
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
8f3fe04b37590b24ec4c7edf763d19a8ee1c626674f16f1ba917708c2ffed879
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
ls
a4p.adpartner.pro/jsunit/ Frame C569 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689460588615&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.30747958825317845
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
8c247b384ea13074aeeab8f5b587a62da3b1e02bfa19e85b0406b48359d3e956

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:29 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
media.min.js
a4p.adpartner.pro/apstc/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.397
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store no-transform
last-modified
Thu, 16 Dec 2021 14:29:41 GMT
server
nginx
content-encoding
br
etag
W/"61bb4d55-3ac0"
content-type
application/javascript
ls
a4p.adpartner.pro/media/ Frame 6EDF 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=fdb6e022-4399-450d-8743-19e061e3265a&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
2765934cfdaf7614486e679553d0907d6125c9e632d6ef737efdefa4ee806bbb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:29 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13267&ver=27&pio=true&pps=true&callback=__smiCb1640280689493
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
fe4258b181fd1adeaa931c5ab02f246a3ff5fda3be34220d82a62cf2c7fdb9aa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
ls
a4p.adpartner.pro/jsunit/ Frame 3D09 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=300&screen_width=1600&reload_count=0&banner_num=1640280689461669814&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.10496876377809916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
586b95b8f29d6808b49ce0325fefc7af40a14bad123850810606009bf9ffe14b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:29 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
zaglushka-top.php
newsyou.info/wp-content/themes/newsyou/ads/ Frame F167
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=1966935994&adf=2145073481&pi=t.ma~as.9613474772&w=580&lmt=1640280689&psa=0&fo...
  • https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
439 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
83927a60099c70a47fad6b301c4856d8d50dcd99e1183171946c52bf662640c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:15 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
271
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:30 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
d60c1733aa08b9c-1635069053.jpg
ppvesdfiojol.com/upload/202110/7b1bc6dcdc3764e8/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202110/7b1bc6dcdc3764e8/d60c1733aa08b9c-1635069053.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed5a11894c21c008675badc52c7d06a2b7c37789074ea71fad33c3f449048d1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
last-modified
Sun, 24 Oct 2021 09:50:53 GMT
server
nginx
etag
"61752c7d-294c"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
10572
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412103001:3
65f0be96ec82bfb-1640125395.jpg
ppvesdfiojol.com/upload/202112/0b43bcd0f0435025/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/0b43bcd0f0435025/65f0be96ec82bfb-1640125395.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1ed1d1cb8623bf3167e5cbb2b7c30b8d26f243976ee9f6788d34a4e4b2de3d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
last-modified
Tue, 21 Dec 2021 22:23:15 GMT
server
nginx
etag
"61c253d3-462e"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17966
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412103001:4
0e278e7063abb76-1640126863.jpg
ppvesdfiojol.com/upload/202112/a16f7ae21631798b/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/a16f7ae21631798b/0e278e7063abb76-1640126863.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c29fb37699996df1d4eb577635c7e9a2b159abf4e95fd99101ddd20f421f5d63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
last-modified
Tue, 21 Dec 2021 22:47:43 GMT
server
nginx
etag
"61c2598f-462a"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17962
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412103001:5
b5f36d7de5b31f8-1639937121.jpg
ppvesdfiojol.com/upload/202112/6db5449f752873ab/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/6db5449f752873ab/b5f36d7de5b31f8-1639937121.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e75ed43041906d7a1a30057773711c90085183a5f4563f5279cfb0519a3c4ed8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
last-modified
Sun, 19 Dec 2021 18:05:21 GMT
server
nginx
etag
"61bf7461-5162"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
20834
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412103001:6
98ab4c48038f0a7-1640127212.jpg
ppvesdfiojol.com/upload/202112/0e6e377b1b020881/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/0e6e377b1b020881/98ab4c48038f0a7-1640127212.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2792408224dde6373f1778228a05505a2a36913137c920af418594c08133fd0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
last-modified
Tue, 21 Dec 2021 22:53:32 GMT
server
nginx
etag
"61c25aec-376e"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
14190
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412103001:7
ls
a4p.adpartner.pro/jsunit/ Frame 7E47 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689461993707&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.8744593066016242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
a3188fa63b352a6bc9ebeca3bc23abb61b390c969dda21ecde5f40b4a6f14a76

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:29 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
widget-button.css.php
telegram.im/widget-button/ 		2 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/widget-button.css.php
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:28 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0
fonts.css
telegram.im/widget-button/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/fonts.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:05:17 GMT
Server
nginx
ETag
W/"58b29a4d-f47"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:28 GMT
style.css
telegram.im/widget-button/ico/ 		1 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/style.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:02:08 GMT
Server
nginx
ETag
W/"58b29990-42b"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:28 GMT
WidgetTelegramButton.min.js
telegram.im/widget-button/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/WidgetTelegramButton.min.js
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 21:40:46 GMT
Server
nginx
ETag
W/"58b34b5e-c56c"
Strict-Transport-Security
max-age=0
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:28 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1894416176&t=pageview&_s=1&dl=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&ul=en-us&de=UTF-8&dt=%D0%90%D0%B2%D1%81%D1%82%D1%80%D0%B0%D0%BB%D0%B8%D0%B9%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BB%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%81%D0%BF%D0%B0%D1%81%D1%82%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B5%D0%BB%D0%BA%D1%83%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D0%B2%20(%D0%A4%D0%9E%D0%A2%D0%9E)%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1211148969&gjid=712095283&cid=1382827890.1640280690&tid=UA-80712032-1&_gid=1908545652.1640280690&_r=1&_slc=1&z=2087306620
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsyou.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3D2C 		79 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c47b97eaf101991fd9e5cdfce392e1dafb9fe99585e757c4865447772753b3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:29 GMT
server
cafe
content-length
22454
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 1CC0 		73 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b988dc847005013c7bae420fbdcecc1bdec9818bf1ffe2e7709b3d25613a956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:30 GMT
server
cafe
content-length
22417
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
private
b4e213565be7.css
www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/ Frame C32A 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/b4e213565be7.css
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a92612b9748a86d86668384da155e92c39074bde96917e864157360085f35fc6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 21:34:21 GMT
content-encoding
br
etag
"b4e213565be7"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
2923
priority
u=3,i
0dabd558891f.js
www.instagram.com/static/bundles/es6/de_DE.js/ Frame C32A 		279 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/de_DE.js/0dabd558891f.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
463692403b9904ace70f73fd33bbbf090d5ad5ea444ba39d0ee3ead6437bb0e1

Request headers

Referer
https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Origin
https://www.instagram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 21:08:05 GMT
content-encoding
br
etag
"0dabd558891f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
70032
priority
u=3,i
a1ec507bb684.js
www.instagram.com/static/bundles/es6/EmbedSimple.js/ Frame C32A 		356 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSimple.js/a1ec507bb684.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3958344a34548f2938bb9536ccb47119f9b461b39e4c7efe053613d64d5b1fb0

Request headers

Referer
https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Origin
https://www.instagram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 21:08:04 GMT
content-encoding
br
etag
"a1ec507bb684"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
92563
priority
u=3,i
/
utarget.ru/is_clickunder/ 		16 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/is_clickunder/
Requested by
Host: utarget.ru
URL: https://utarget.ru/ranging/00cb2399e4/js/?rand=1731&cookie=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:29 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Vary
Cookie, Accept-Language
Content-Language
ru
1280.js
jsn.24smi.net/d/6/13245/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245/1280.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
32
etag
W/"61c4b249-13f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352e7290d59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
783.js
jsn.24smi.net/b/0/14482/ 		54 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/b/0/14482/783.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:26 GMT
server
cloudflare
age
32
etag
W/"61c4b232-d62c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352e7290e59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F5D7 		83 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5949b0dc3386997c1532101d0f4193aa49441ee6b3097d776a2157aaa37e39a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:30 GMT
server
cafe
content-length
24830
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
private
1282.js
jsn.24smi.net/e/7/13248/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248/1282.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
32
etag
W/"61c4b249-11b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352e7599b59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
render
ocmurc.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=dd98fe8d-2200-42a0-afcb-77736cbf2577&referrer=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&page_load_uuid=d6a94512-57aa-42b6-9568-2303eb8ace5d&page_depth=1&f6vzbfpjtdi=5eca6fba-9cbb-4f45-9572-32cf84077d45&block_uuid=5eca6fba-9cbb-4f45-9572-32cf84077d45&refresh_depth=1&safari_multiple_request=82
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a1f6eb33e5d0784424c50928f052711173632c101554554bf74bc34fab4de995

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=dd98fe8d-2200-42a0-afcb-77736cbf2577&referrer=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&page_load_uuid=d6a94512-57aa-42b6-9568-2303eb8ace5d&page_depth=1&f6vzbfpjtdi=3547ed36-7c1a-4c24-ba38-9664321b8855&block_uuid=3547ed36-7c1a-4c24-ba38-9664321b8855&refresh_depth=1&safari_multiple_request=517
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3f3f119ba13baaa19ef838036c2b2325ea1408f799b505f7b0e89819eb53e2e1

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=dd98fe8d-2200-42a0-afcb-77736cbf2577&referrer=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&page_load_uuid=d6a94512-57aa-42b6-9568-2303eb8ace5d&page_depth=1&f6vzbfpjtdi=1005d6d5-8587-4044-84b7-f49ce1b590da&block_uuid=1005d6d5-8587-4044-84b7-f49ce1b590da&refresh_depth=1&safari_multiple_request=88
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
815a5ab6cbd87d88a2b63046bb14f985e55af8fdbcb801262405ddc184c6f1d2

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=dd98fe8d-2200-42a0-afcb-77736cbf2577&referrer=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&page_load_uuid=d6a94512-57aa-42b6-9568-2303eb8ace5d&page_depth=1&f6vzbfpjtdi=c0a8ed84-a54b-489b-89d5-0615217d2847&block_uuid=c0a8ed84-a54b-489b-89d5-0615217d2847&refresh_depth=1&safari_multiple_request=418
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
7aae63036faaaa4b9d339632134c645b626780dff3e108cef697b5754782e8ac

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=dd98fe8d-2200-42a0-afcb-77736cbf2577&referrer=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&page_load_uuid=d6a94512-57aa-42b6-9568-2303eb8ace5d&page_depth=1&f6vzbfpjtdi=3c625efe-9cd7-4984-b8ff-0ac328698b2c&block_uuid=3c625efe-9cd7-4984-b8ff-0ac328698b2c&refresh_depth=1&safari_multiple_request=338
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
c2322faff70a276fa917b8e3ea8991765c705bc2cbc496c31452360b7b7861e6

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=93dbee8072db7850&d=newsyou.info
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:29 GMT
server
openresty
pclicks.js
prodmp.ru/ 		0
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks.js
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/javascript
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-32.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
1326719
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
wZoj4ZSWqf_8zVbFrMI2BdJIjslRcFrrAlxIExUECe6xqzBqQ2ksRw==
ads
googleads.g.doubleclick.net/pagead/ Frame 3C68 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4435e7acc1fd6ce0b183e859195e7a81bbf2a33f34d9b21457f0c70e2956a6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:30 GMT
server
cafe
content-length
12018
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
private
analytics.js
www.google-analytics.com/ Frame C569 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689460588615&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6995
date
Thu, 23 Dec 2021 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 17:34:54 GMT
jsunit
a4p.adpartner.pro/ Frame C569 		29 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280689460588615&id=2489&is_in_viewport=0&ref=&reload_count=0&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&session_pageview=1&shown=&site_visited=1&unit_id=2489
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689460588615&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
a56ca824f325531658f14b5c5b6c336391302b26fb4434782b0a43846f33d883

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689460588615&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
media
a4p.adpartner.pro/ Frame 6EDF 		1 KB
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=5555&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=fdb6e022-4399-450d-8743-19e061e3265a&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
a2659a2bec3dd8d1ce6ca6fa09cb226521d7dd8c45f16cc1adce4aaddf239325

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=fdb6e022-4399-450d-8743-19e061e3265a&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
jsunit
a4p.adpartner.pro/ Frame 3D09 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280689461669814&id=7858&is_in_viewport=0&ref=&reload_count=0&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&session_pageview=1&shown=&site_visited=1&unit_id=7883
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=300&screen_width=1600&reload_count=0&banner_num=1640280689461669814&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
a7f657e5262ea0d6577c5ba7ebcac570c49c310cb8db32db4645df90dc8ebad0

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=300&screen_width=1600&reload_count=0&banner_num=1640280689461669814&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
269840018_416116110193874_8033061818733126840_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.2885-19/s150x150/ Frame C32A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.cdninstagram.com/v/t51.2885-19/s150x150/269840018_416116110193874_8033061818733126840_n.jpg?_nc_ht=scontent-frt3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=f-aMfZwyoXUAX_4srE7&edm=AJBgZrYBAAAA&ccb=7-4&oh=00_AT9lKCdOYzmH6xfAYM_4nKOySBA8vF6POze8NTX9vxsv-Q&oe=61CBFE49&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9057d99542450055cbb5d820a5b75a89962373480c2279cba701d077ced4bb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum
3530765167
date
Thu, 23 Dec 2021 17:31:29 GMT
x-fb-trip-id
1425083115
last-modified
Thu, 23 Dec 2021 10:30:08 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3502886670
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
4771
14504678_1267469356608068_6386953841912315904_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ Frame C32A 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/14504678_1267469356608068_6386953841912315904_n.jpg?_nc_ht=scontent-frt3-1.cdninstagram.com&_nc_cat=108&_nc_ohc=yEKAuh311RcAX-UOeL4&edm=AJBgZrYBAAAA&ccb=7-4&oh=00_AT_oaD16SifoGFBR_4FceaN-xJFpmaHQTMchs8CNlIQA-g&oe=61CB1B5A&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a63bfd2897cb09dddcb0ce78113e21139694e3ba54ef8ff4101c45b2cc1d375

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum
3090197412
date
Thu, 23 Dec 2021 17:31:29 GMT
x-fb-trip-id
1425083115
last-modified
Tue, 22 Nov 2016 09:49:43 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
958472223
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
79932
262340505_1513937122320313_2406532776182771785_n.webp.jpg
scontent-frt3-2.cdninstagram.com/v/t51.2885-15/e35/c0.76.613.613a/s150x150/ Frame C32A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.cdninstagram.com/v/t51.2885-15/e35/c0.76.613.613a/s150x150/262340505_1513937122320313_2406532776182771785_n.webp.jpg?_nc_ht=scontent-frt3-2.cdninstagram.com&_nc_cat=101&_nc_ohc=ulZy0ybZTvAAX_3eBIv&edm=AJBgZrYBAAAA&ccb=7-4&oh=00_AT-1ppHbMkV1n8LoOPnvrhwZphol8QSVh4r3g7SGrtnVew&oe=61CBD895&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
53d4838c949b3ae0f34448ec4399d3ef769ab853c47f45e62e85c9912beecaf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum
1864562279
date
Thu, 23 Dec 2021 17:31:29 GMT
x-fb-trip-id
1425083115
last-modified
Wed, 01 Dec 2021 08:16:28 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
843444117
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
5983
257511782_275867197660915_9178132093669718618_n.webp.jpg
scontent-frt3-1.cdninstagram.com/v/t51.2885-15/e35/c0.180.1440.1440a/s150x150/ Frame C32A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.cdninstagram.com/v/t51.2885-15/e35/c0.180.1440.1440a/s150x150/257511782_275867197660915_9178132093669718618_n.webp.jpg?_nc_ht=scontent-frt3-1.cdninstagram.com&_nc_cat=107&_nc_ohc=d8qGgIrYHE8AX-UYhD-&edm=AJBgZrYBAAAA&ccb=7-4&oh=00_AT9g7dAINIF-uQsR_0JqjwxQpgzsEB3a_wt0nk84PBtoSw&oe=61CC3A4B&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:80c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a2fce6ae37e706b9ca79b18a22f786aba70a7f45d13ae393a760926f1f00c10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-haystack-needlechecksum
2836851585
date
Thu, 23 Dec 2021 17:31:29 GMT
x-fb-trip-id
1425083115
last-modified
Mon, 15 Nov 2021 02:07:12 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3060313150
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
6894
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9496.c9DLcf5m2EUG0KAJ_1MVBB0nklVWQzEUqWVdw6JpwVdE2FV8hg2EIF3ziKlfPpR-.O1Vj797w9-G-IiLWblclmV9pjSk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9496.ApChbVcSr-Z7lIIIXhTHwgxJqEoL019s0HUdgyXdNhk4szcSisF32WcHGM0VC6nSTAifICB7tPSU30vUsJIrzQ%2C%2C.LAGfRWHQa7GSUExfE8SPRcjmdXQ%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9496.ApChbVcSr-Z7lIIIXhTHwgxJqEoL019s0HUdgyXdNhk4szcSisF32WcHGM0VC6nSTAifICB7tPSU30vUsJIrzQ%2C%2C.LAGfRWHQa7GSUExfE8SPRcjmdXQ%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9496.ApChbVcSr-Z7lIIIXhTHwgxJqEoL019s0HUdgyXdNhk4szcSisF32WcHGM0VC6nSTAifICB7tPSU30vUsJIrzQ%2C%2C.LAGfRWHQa7GSUExfE8SPRcjmdXQ%2C
date
Thu, 23 Dec 2021 17:31:30 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1281.js
jsn.24smi.net/4/0/13267/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267/1281.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:294a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:30:49 GMT
server
cloudflare
age
32
etag
W/"61c4b249-118a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c2352e7eb4659a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:30:57 GMT
6c7742894eb6.png
www.instagram.com/static/bundles/es6/sprite_embed_6c7742894eb6.png/ Frame C32A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instagram.com/static/bundles/es6/sprite_embed_6c7742894eb6.png/6c7742894eb6.png
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/b4e213565be7.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23beda30424ac7c49957ce15299d0199803995498851441548cf89108a12871b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/b4e213565be7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 22:18:36 GMT
content-encoding
br
etag
"6c7742894eb6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
12978
priority
u=3,i
telegramimfont.ttf
telegram.im/widget-button/ico/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/fonts/telegramimfont.ttf?7b24fo
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/ico/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e

Request headers

Referer
https://telegram.im/widget-button/ico/style.css
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:28 GMT
Last-Modified
Sun, 26 Feb 2017 09:02:02 GMT
Server
nginx
ETag
"58b2998a-59c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1436
ads
googleads.g.doubleclick.net/pagead/ Frame C466 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8479b571451bd702b716cd878fba60c3468d16eb11d952ee5be3316ac7d17633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:30 GMT
server
cafe
content-length
11578
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
private
jsunit
a4p.adpartner.pro/ Frame 7E47 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280689461993707&id=7460&is_in_viewport=0&ref=&reload_count=0&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&session_pageview=1&shown=&site_visited=1&unit_id=7460
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689461993707&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
43e18649ca38c32a8dfa6c93a6576b51716b8ccafb91d6dae9fd58292bb0aed2

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&apuid=fdb6e022-4399-450d-8743-19e061e3265a&width=610&screen_width=1600&reload_count=0&banner_num=1640280689461993707&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 23 Dec 2021 18:31:29 GMT
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13977&f=2&ref=https%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
41c73bdf826bb64778e01442194521dcf0c099e52da680066b5e1039070f35f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
ads
googleads.g.doubleclick.net/pagead/ Frame 874E 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8ad4278ed4c39bc927c9d53c8d527f89c1ebde36ee0a8ae1a6ddbc14e368dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:30 GMT
server
cafe
content-length
12293
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
private
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5876&id_name=qyBSy&teaser_name=ZBAYHpS&block_name=kbNliN&ban_teaser=&r=0.48362498113462027&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.6630212333145746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
07d3055d7d1cf28e13d91206d6dbb2d7c96810a5a876901501ed0ebffead93b0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
css
fonts.googleapis.com/ Frame 3D2C 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:48:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3D2C 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:25:50 GMT
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-32.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
1326720
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
UT5c45xbP_gAQOUlHLU_hirZzfVnRPJ3MYO4mzQA3EjJY62ZSKAAkw==
css
fonts.googleapis.com/ 		12 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:01:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
d0b61c3202891e61.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/d0b61c3202891e61.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ebf831c917cc19797fad0a9243ad955a1f6e57183ad27c2ac123cecb29782bd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 22 Dec 2021 12:55:04 GMT
server
nginx/1.14.2
etag
"61c32028-7445"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
29765
d0b61c44d55a756a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/c36d16a932074f478b94dfa1b7357b64/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/c36d16a932074f478b94dfa1b7357b64/d0b61c44d55a756a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ba07a6fa7d7cc4f6b5b28a85169014124073cd45e8673785154d9710624acbc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 10:20:05 GMT
server
nginx/1.14.2
etag
"61c44d55-5029"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20521
d0b61c31fec1322d.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/d0b61c31fec1322d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3d86ea1a91933592bc9f2aa122fdf67bff0e2ce2c79f548739c4d2e96ac5553e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 22 Dec 2021 12:54:04 GMT
server
nginx/1.14.2
etag
"61c31fec-ab84"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
43908
d0b6115360bf1f86.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/d0b6115360bf1f86.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 12 Aug 2021 14:54:03 GMT
server
nginx/1.14.2
etag
"6115360b-4030"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
16432
d0b61b090eba3593.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/75d0dbb9fb5845d9830cc073c4e37616/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/75d0dbb9fb5845d9830cc073c4e37616/d0b61b090eba3593.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5cd40fe604b58b6d0f2fd44e5fcc9423a943051aedfc3d44aeac6612dd7e2050

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 08 Dec 2021 11:03:07 GMT
server
nginx/1.14.2
etag
"61b090eb-4f0d"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20237
d0b61c32063a6c1b.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/d0b61c32063a6c1b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8773f887e6d0472f166df5c8d38f43a81ac55d5174ebdd9f5d9fb6e53961fa8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 22 Dec 2021 12:56:03 GMT
server
nginx/1.14.2
etag
"61c32063-8720"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
34592
d0b61b8fbc068836.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/d0b61b8fbc068836.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Tue, 14 Dec 2021 20:17:04 GMT
server
nginx/1.14.2
etag
"61b8fbc0-5ece"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24270
d0b611535d09ed40.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/d0b611535d09ed40.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
25518d2c841e59dec58e64b57333fbd2640ace7042fe584dc19649690e14272f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 12 Aug 2021 14:53:04 GMT
server
nginx/1.14.2
etag
"611535d0-4a58"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19032
d0b61b090e7753d9.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/d30aecdcb0ef4d4f962ae020b2a50c4b/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/d30aecdcb0ef4d4f962ae020b2a50c4b/d0b61b090e7753d9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f054bf0870f8a7262d7c6a7c35cb1ceb67823f501c4bf19b8389849fe3cf9838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 08 Dec 2021 11:03:03 GMT
server
nginx/1.14.2
etag
"61b090e7-5f94"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24468
d0b6182b6785e11d.jpeg
ocmurc.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/d0b6182b6785e11d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 03 Nov 2021 16:19:04 GMT
server
nginx/1.14.2
etag
"6182b678-5021"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20513
z
s.zmctrack.net/ Frame 3FEF 		102 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
4518e594b73c1f255cc2088838a8be45182e2872c3b56a0914a7aac6cee0d90c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
ads
googleads.g.doubleclick.net/pagead/ Frame C46B 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adde15e03c4f9a9191ba7326ad2e533f339e2dffc96dba666a058d4857879c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:30 GMT
server
cafe
content-length
12543
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
private
d0361c451c7c126a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a175fc7379634446b2371aef5f13243a/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a175fc7379634446b2371aef5f13243a/d0361c451c7c126a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
adc8fc28b66827d96a76ac5be9c44ccea9d61249418820bedd9092c16775ac3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 10:39:03 GMT
server
nginx/1.14.2
etag
"61c451c7-478e"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
18318
d036194a92f9d668.jpeg
ocmurc.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/d036194a92f9d668.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5fe718a3f71d796a8c839f91b9a26cf201757f1d2a6e77cf24d553f60302ed24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 17 Nov 2021 07:03:11 GMT
server
nginx/1.14.2
etag
"6194a92f-3b2a"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15146
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 3D2C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:27:11 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3D2C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D2C 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3D2C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:26:44 GMT
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:07:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
css2
fonts.googleapis.com/ 		5 KB
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:03:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ 		3 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4bb9e0506f58f5253017c1d860a7371ab1488d2c23e3002f4c230ce19fa7cf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:26:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:30 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=fdb6e022-4399-450d-8743-19e061e3265a
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D10&cdsp=363190&user_id=fdb6e022-4399-450d-8743-19e061e3265a&sct=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352eb6dda6945-FRA
content-type
image/gif
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=fdb6e022-4399-450d-8743-19e061e3265a
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D9&cdsp=363190&user_id=fdb6e022-4399-450d-8743-19e061e3265a&sct=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352eb6dde6945-FRA
content-type
image/gif
fdb6e022-4399-450d-8743-19e061e3265a
s.uuidksinc.net/match/272/ 		74 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
fdb6e022-4399-450d-8743-19e061e3265a
recreativ.ru/mtch/31/ 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

hn
b11
date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
193.232.150.44 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
sender.premier.one
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
x-backend-id
f25-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f25-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:24 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
112
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F72B2C4611600B164026ECB11&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F72B2C4611C05104E02DF0F81
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F72B2C4611C05104E02DF0F81
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:33 GMT
last-modified
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F72B2C4611C05104E02DF0F81
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F72B2C4611400956402248215&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F72B2C4611C05104E02DF0F81
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F72B2C4611C05104E02DF0F81
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:33 GMT
last-modified
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F72B2C4611C05104E02DF0F81
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=d0d9717c-4a41-4270-4d57-d46e0ba779df
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=d0d9717c-4a41-4270-4d57-d46e0ba779df
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=d0d9717c-4a41-4270-4d57-d46e0ba779df
date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=93053dde-4f4c-47c9-524b-d9d91502090f
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=93053dde-4f4c-47c9-524b-d9d91502090f
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=93053dde-4f4c-47c9-524b-d9d91502090f
date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
css
fonts.googleapis.com/ 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:05:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:56:19 GMT
x-content-type-options
nosniff
age
84911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 17:56:19 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 18:07:18 GMT
x-content-type-options
nosniff
age
84252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 18:07:18 GMT
d0b61b059e056f97.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/320c0552d1cb4ff0a14f70fdacd5b628/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/320c0552d1cb4ff0a14f70fdacd5b628/d0b61b059e056f97.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
50787a7684b4c3b017af0d1f754e97969bdd6cf20bf2d59e81d614dccc916c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 08 Dec 2021 07:08:16 GMT
server
nginx/1.14.2
etag
"61b059e0-3a00"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
14848
d0b61b896f8257bc.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/03388beaebee41d99dd9101ed5f4931e/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/03388beaebee41d99dd9101ed5f4931e/d0b61b896f8257bc.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1ec53179a71bb19d3bdec146371021485e5a26ea598ad52816bbc4a9bb5afb27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Tue, 14 Dec 2021 13:07:04 GMT
server
nginx/1.14.2
etag
"61b896f8-3adc"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15068
d0b611d0a3a2edd5.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/d0b611d0a3a2edd5.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 18 Aug 2021 13:25:14 GMT
server
nginx/1.14.2
etag
"611d0a3a-43c1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17345
d0b61add90bc4bec.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/b4bbd717686441f8bd0711295baf6767/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/b4bbd717686441f8bd0711295baf6767/d0b61add90bc4bec.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
7aa01b65ddab63af081b179c28164c663a40e042b2ba1fed2644ee6f9d2a211d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Mon, 06 Dec 2021 09:34:03 GMT
server
nginx/1.14.2
etag
"61add90b-5656"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22102
d0b61af169fdc6a8.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/c8fa0c5c8e4f49b3b238d7b9b5989cce/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/c8fa0c5c8e4f49b3b238d7b9b5989cce/d0b61af169fdc6a8.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d451478e68967318296d36228990231513bc7f5e5de8c11d825f8061a4e5e6cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Tue, 07 Dec 2021 08:09:03 GMT
server
nginx/1.14.2
etag
"61af169f-5679"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22137
d0b61c45027f3f0c.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/26097f1d9161463f99d3d3ec66eada45/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/26097f1d9161463f99d3d3ec66eada45/d0b61c45027f3f0c.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
27643e651751bd6c2cbe1350d6336dd8cc807049b14bdecd4620d7e1afd010ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23 Dec 2021 10:32:07 GMT
server
nginx/1.14.2
etag
"61c45027-8af7"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
35575
d0b61b085e3ce442.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/884fa888eac744b596737050d32fc061/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/884fa888eac744b596737050d32fc061/d0b61b085e3ce442.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
986036fffea7b52937718badd063cc28a6da29792e6df5c0176b302008928381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 08 Dec 2021 10:16:03 GMT
server
nginx/1.14.2
etag
"61b085e3-62a8"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
25256
d0b61b096109f84d.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a3f02c1fb1604939859cf07ddca7a555/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a3f02c1fb1604939859cf07ddca7a555/d0b61b096109f84d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
28d4bd1f035e957aaa00531c44df5cf7b802ae9235261ed370510fdd1743a52b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 08 Dec 2021 11:25:04 GMT
server
nginx/1.14.2
etag
"61b09610-4431"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17457
d0b611d0a35a6fac.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/d0b611d0a35a6fac.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
138bec58cfd65720c14272d5aed343b949207725edd5f676bdcd9bb092c963f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 18 Aug 2021 13:25:09 GMT
server
nginx/1.14.2
etag
"611d0a35-2f35"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
12085
d0b6115364870ce2.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/49e51e77a95f44439191d8ff8e999515/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/49e51e77a95f44439191d8ff8e999515/d0b6115364870ce2.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f3039063bdeeddc487f9a6e8f625e1a10c8a37ec37e2707a3a3835aba0fc8686

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 12 Aug 2021 14:55:04 GMT
server
nginx/1.14.2
etag
"61153648-4b6a"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19306
if
a4p.adpartner.pro/tracker/ Frame 7B3A 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297875%2C%22cost%22%3A0.000731996%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22a2f363f9-ec65-4997-b856-7a59cc20409e%22%7D%2C%7B%22ad_id%22%3A2004555%2C%22cost%22%3A0.000173399%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%220b51889a-9009-469c-b4b9-3a34b7032f40%22%7D%5D%2C%22unit_id%22%3A7883%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:30 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 47B0 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228010c3b7-9b10-491c-ae14-073066f0dd3f%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2279d56577-7eb4-42a8-a9de-9bce99cc1595%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22309e3cbb-8fe1-4b2b-af6c-69b7ab67badb%22%7D%2C%7B%22ad_id%22%3A1714798%2C%22cost%22%3A0.000399628%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225d0de1c0-1c54-47a2-a9e8-9979ed665834%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:30 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
d0b61c2e0b28a07d.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/d239be6fe5b14ad8902d74a3c1687e7e/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/d239be6fe5b14ad8902d74a3c1687e7e/d0b61c2e0b28a07d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f4874e24c594ec34fd238395daec75e730757fcaaac67c0f6bd04a065b04857e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 22 Dec 2021 08:24:18 GMT
server
nginx/1.14.2
etag
"61c2e0b2-81e6"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
33254
bx6ANxqUneKx06UkIXISn3V4Cg.woff2
fonts.gstatic.com/s/tenorsans/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tenorsans/v12/bx6ANxqUneKx06UkIXISn3V4Cg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e203e224e5db4d6614a7dab7c0e6f5b41be1b480d0c0729000b30186c9e97a9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 09:50:59 GMT
x-content-type-options
nosniff
age
114031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18500
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:24:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 09:50:59 GMT
bx6ANxqUneKx06UkIXISn3F4Cl2I.woff2
fonts.gstatic.com/s/tenorsans/v12/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tenorsans/v12/bx6ANxqUneKx06UkIXISn3F4Cl2I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22364d9de6d3a227b12361aace79a5dd19368d1a7502acd0ce2d26b967817649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 04:34:07 GMT
x-content-type-options
nosniff
age
565043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11616
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:56:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 04:34:07 GMT
wXKrE3kQtZQ4pF3D51jcAA.woff2
fonts.gstatic.com/s/arsenal/v5/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arsenal/v5/wXKrE3kQtZQ4pF3D51jcAA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec23fa82b800082a70a0f1c0ba6d020cfc6e6f0c2c88bad68ae9be93394d5d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:26:25 GMT
x-content-type-options
nosniff
age
245105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17608
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:28:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 20 Dec 2022 21:26:25 GMT
wXKrE3kQtZQ4pF3D51zcANwr.woff2
fonts.gstatic.com/s/arsenal/v5/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arsenal/v5/wXKrE3kQtZQ4pF3D51zcANwr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fba31cf312d105355e295fef5f3579ea90d5662299a06036f419d32872eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 18:27:31 GMT
x-content-type-options
nosniff
age
255839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10680
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:28:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 20 Dec 2022 18:27:31 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 03:02:30 GMT
x-content-type-options
nosniff
age
138540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 03:02:30 GMT
1
mc.yandex.com/watch/44453875/
Redirect Chain
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Av...
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1517%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A423974887486%3Ahid%3A225207154%3Az%3A0%3Ai%3A20211223173129%3Aet%3A1640280690%3Ac%3A1%3Arn%3A870567772%3Arqn%3A1%3Au%3A1640280690701251118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280687844%3Ads%3A0%2C181%2C691%2C1%2C0%2C0%2C%2C620%2C3%2C%2C%2C%2C1617%3Adsn%3A0%2C181%2C691%2C2%2C0%2C0%2C%2C621%2C4%2C%2C%2C%2C1617%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280690%3At%3A%D0%90%D0%B2%D1%81%D1%82%D1%80%D0%B0%D0%BB%D0%B8%D0%B9%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BB%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%81%D0%BF%D0%B0%D1%81%D1%82%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B5%D0%BB%D0%BA%D1%83%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D0%B2%20%28%D0%A4%D0%9E%D0%A2%D0%9E%29%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
a01130d5e5f062ceef312075d64ca5ad02b0dad67af3bd81348efda12411e145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 23-Dec-2021 17:31:30 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 23-Dec-2021 17:31:30 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 23-Dec-2021 17:31:30 GMT
location
/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1517%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A423974887486%3Ahid%3A225207154%3Az%3A0%3Ai%3A20211223173129%3Aet%3A1640280690%3Ac%3A1%3Arn%3A870567772%3Arqn%3A1%3Au%3A1640280690701251118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280687844%3Ads%3A0%2C181%2C691%2C1%2C0%2C0%2C%2C620%2C3%2C%2C%2C%2C1617%3Adsn%3A0%2C181%2C691%2C2%2C0%2C0%2C%2C621%2C4%2C%2C%2C%2C1617%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280690%3At%3A%D0%90%D0%B2%D1%81%D1%82%D1%80%D0%B0%D0%BB%D0%B8%D0%B9%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BB%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%81%D0%BF%D0%B0%D1%81%D1%82%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B5%D0%BB%D0%BA%D1%83%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D0%B2%20%28%D0%A4%D0%9E%D0%A2%D0%9E%29%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 23-Dec-2021 17:31:30 GMT
close.gif
newsyou.info/img/ 		83 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/close.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:16 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83
Expires
Thu, 30 Dec 2021 17:26:16 GMT
if
a4p.adpartner.pro/tracker/ Frame 64A6 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fdb6e022-4399-450d-8743-19e061e3265a%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%2522%257D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:30 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
d0361c2d872036b1.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/888203113861444b9679fd18ac98f999/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/888203113861444b9679fd18ac98f999/d0361c2d872036b1.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
4e587a8d5f90b22709912b0548f69048d977d5ec2269089b4a7db398426f5c5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 22 Dec 2021 07:49:06 GMT
server
nginx/1.14.2
etag
"61c2d872-53b3"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
21427
d0361c2d5a16413a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/e48d07322353444499039b72155cbd14/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/e48d07322353444499039b72155cbd14/d0361c2d5a16413a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2c33cc984e198446e877527a87cc42c9d226ee5dfee4202ca623e924762dee39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Wed, 22 Dec 2021 07:37:05 GMT
server
nginx/1.14.2
etag
"61c2d5a1-4f9d"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20381
img
pix.eu.criteo.net/img/ Frame 3D2C 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&ups=1&v=3&w=800&s=fmjPP_tOetckvQpIdPwjRmzW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c0c23011858c549a6b44a63b806ad7d903442196065e04fba6199c97a30675b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80837
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535995
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
183364
expires
Thu, 22 Dec 2022 19:04:08 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3D2C 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 04:11:53 GMT
x-content-type-options
nosniff
age
566377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 04:11:53 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3D2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cbl-VcbLEYd-PKdKptwfr_Z3gDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAhownIbJ_7I-qAMByAMCqgSAAk_Qidy0Q5Lw9sv8ngldaA2CccbzL5dWZPbDEEhK--jaQjSocUnJw_4uGrKJlgVpmqg693R3LS8y8ZjdEA5Hmb0FZjwElqCVpxrbTzEJS1SrN3OaS9l6W1dTAthmZr0Nmknn9zobDx79WdioQupnbW4bqODuVI0kZtJ-4w2r2Vdc3r2YXoPhvBnY99ltxMG13epPWnxcjoTaMgKVqsRC75LG_s1YZ08Lc3vQs43ATV81603XbDcJZmiKiMrc_RFfnjP-B1UUVHtuzNjB4GWEGkFwMM8ld5ygZKCWlV4iw7sgyYRB1dW5hhTsyW8oIYR9bW-O662UM_DpPp-LFmtUAWyABvibxpa_8pTc1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=nu4-NP0oM9g&uach_m=[UACH]&cid=CAQSGwCNIrLMGZmGdQAqttmfOmUep98jmfG0E2_FXRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.nl.eu.criteo.com/delivery/ Frame 3D2C 		43 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=lYRA-VCR97rQ6zWi_MU_hO6-8y420--r5_aQuH2KfkBLpDjLpIdr6bSPVhrxBTAjSeFFl0qi_hlJVdFja3yCKjfuRRljxpyjE0c3m0IaXPYj_pm9_2Cpsar1RgsQa254dIeAr-jZ8ay_hFHTeMY0ny0NogW6sZNTaHXONKFlgmgagiTS8Yqbzl0Wdokwt79jSMPWU1AeQmsvUprN7bh5iTYHuVpkwgbFlER_Pn81cuy89X3XUR68ospDM0SdqO5fIciNhvWO_hivpbSFQ8EfAaeiACzvM8vnVOpA7qUziO8C5n-m3DBHQMlYEgXN3ssIStRIU5wih80DZtAxYU1FdiYSFwKodnnxxK_v1UVtp3JSPOEOKq1MzmAzt-7lbPU1mx7p2ivR301w7FmN5l4df3koIRUu-SiFQZnrBtPDxuLVLGb7_K56SzpWOBrUGTnGugPb_YVCsWoHehtqpRcAyfs9FbnlUyzb-70Wu2fxfan3BNs36tz0nuoGHN8M4iGSdHW1-2xg-oOk9BOJXdntrYLA-8I&z=YcSycQAKR98K7dTSAAd-6_PDEx_6rVBufB-HYg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7129
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3D2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAAVVnE9SM7uORBxssRhQcAEQbhaW4QRPXwAEg&wp=YcSycQAKR98K7dTSAAd-6_PDEx_6rVBufB-HYg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
server
Kestrel
server-processing-duration-in-ticks
217482
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame 3D2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdBMpcbLEYd-PKdKptwfr_Z3gDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAhownIbJ_7I-qAMBqgSAAk_Qidy0Q5Lw9sv8ngldaA2CccbzL5dWZPbDEEhK--jaQjSocUnJw_4uGrKJlgVpmqg693R3LS8y8ZjdEA5Hmb0FZjwElqCVpxrbTzEJS1SrN3OaS9l6W1dTAthmZr0Nmknn9zobDx79WdioQupnbW4bqODuVI0kZtJ-4w2r2Vdc3r2YXoPhvBnY99ltxMG13epPWnxcjoTaMgKVqsRC75LG_s1YZ08Lc3vQs43ATV81603XbDcJZmiKiMrc_RFfnjP-B1UUVHtuzNjB4GWEGkFwMM8ld5ygZKCWlV4iw7sgyYRB1dW5hhTsyW8oIYR9bW-O662UM_DpPp-LFmtUAWyABvibxpa_8pTc1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=Z4iZtf7N0HI&uach_m=[UACH]&cid=CAQSGwCNIrLMGZmGdQAqttmfOmUep98jmfG0E2_FXRgB&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1D80 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 17:04:45 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 1CC0 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 15:37:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1CC0 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:25:50 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 1CC0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:27:11 GMT
38170-438579-KGr.jpg
i.mixadvert.com/8174/38170/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438579-KGr.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:30 GMT
Last-Modified
Tue, 30 Nov 2021 11:30:40 GMT
Server
nginx/1.12.1
ETag
"61a60b60-4b0f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438578-259.jpg
i.mixadvert.com/8174/38170/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438578-259.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:30 GMT
Last-Modified
Tue, 30 Nov 2021 11:29:43 GMT
Server
nginx/1.12.1
ETag
"61a60b27-5d4c"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438575-5yf.jpg
i.mixadvert.com/8174/38170/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438575-5yf.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:30 GMT
Last-Modified
Tue, 30 Nov 2021 11:27:51 GMT
Server
nginx/1.12.1
ETag
"61a60ab7-62ef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
view.php
ppvesdfiojol.com/ 		2 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/view.php
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
412103001:8
expires
Thu, 19 Nov 1981 08:52:00 GMT
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
block_head.png
mixadvert.com/images/logo/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:30 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:24 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
102
x-xss-protection
1; mode=block
expires
-1
css
fonts.googleapis.com/ Frame F5D7 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:50:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F5D7 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:25:50 GMT
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280690&ptz=0&pl=en-US&object=13245&template_id=1280&num=3&ref=&output=json&chash=OymJBnPJUr&extids=&callback=__smiCb1640280689494
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
a2f3c2b861602e257b40d68be8f7b80fd70b0c28e28705e92d414c1045483483
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
jsunit
a4p.adpartner.pro/ Frame F167 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=https%3A%2F%2Fnewsyou.info%2F&0.7884706088651341
Requested by
Host: newsyou.info
URL: https://newsyou.info/wp-content/themes/newsyou/ads/zaglushka-top.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
43dc3983640ba12fb14182f320bc891ae83c1fed2cb433627d036f083260e2b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1CC0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1CC0 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1CC0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:26:44 GMT
truncated
/ Frame 3D2C 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36ec49899d11ed19c5039d0799fb7327f52f139111ef58b186bed6e9b37d23f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
if
a4p.adpartner.pro/tracker/ Frame 7114 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000157179%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22dc9d343b-9764-40ce-8d28-829f92bb9842%22%7D%2C%7B%22ad_id%22%3A2297870%2C%22cost%22%3A0.000109135%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c3891e2a-1a92-4d25-97da-5ca4965c541d%22%7D%2C%7B%22ad_id%22%3A2287865%2C%22cost%22%3A0.0000614353%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22529a7062-ec57-47f2-bfb3-61d0c71eac72%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:30 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ Frame 3FEF 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
br
cf-cache-status
HIT
age
3385
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RC20466EQDSMKB74
x-amz-id-2
wjLf5GDA4qP53hmCzSKeiCACTuV3faSjipVI7ZK729oaeXQf2DBL7mbyK8HhIkpzM1cZE/a+lHo=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2352ec68a16945-FRA
expires
Thu, 23 Dec 2021 20:31:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame F5D7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:27:11 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F5D7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F5D7 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F5D7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:26:44 GMT
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7880&id_name=Boscr&teaser_name=NGzQprY&block_name=rdDels&ban_teaser=438579,438578,438575&r=0.9633304251376169&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7880&r=0.486926441430795
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
a0a41dcbd329d868e05e5e9858ff37d168c8d12aeed21067576e474c82bd20f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame 06F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9te3crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIACT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30ALHx8kttYBIdOyT6ODywtNQFQ05OmqSsql-Nws3dxLqE4KqPjWAAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=CnRl5gnHgRQ&uach_m=[UACH]&cid=CAQSPACNIrLM8imCvzZoX3uiHtdJXzEUyB9BuYA2DQRjX-Xtdb11JW2lKRANGCU1JIE3AMBFFODzHOFJdLTnwxgB
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 06F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gm5vs8f3dsj6ttw69fd0nvmtscs3cs0nhwf5j3ky0savr8z76gpjpa668v6153bn3p8g4tz46x1b8134cnk9edc1z0trgeavhsdfdqrpyw0wzwcxz0gd27rbr2xxs1vxvh12r63cc4e9tww8r8qqhn7cqtrq8kdamay2ahyzhb4r4na29wgkc3xxqs1jwggbgb3rjwnbh5wcx9b8yzfcjcwnxrjjnwx4477fvfjent1ymam85gkggke4cjmcngw2q8yk8b1jqdmjz0ydype2e0mfggxmc7kvs94z4a87ervnwpkta0qy012xx2h8a1w90gs24ayhn2qzgcavb04dsqc9ynk083m4pmkhsphhnz5zq0dsf9fgxnhpa47bf76nxk27rq53xdgyt2y5a4qdzkhhb3ej&b=YcSycgAB-jkGUIIFAAWXNekn6GEGLyn3uvPQhQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:30 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame CC3B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g864nr26ng2exer8cpbbqn1w21b3q6qpbbzxta4rgsfxgpf3h08mzmfweyhzsqyh490xkvs8dfes7v63ep1h7bm3qdzcykgkge2zpe6qxh8tg0a8qkg6zapdkrtb1r5jb9fgr2z0z6y4pxs0zjmtk29gmqw1tmb460xa2tby2h9yh9cz1r3d041xc72xby5e69tyefyf4bsqyzegmx06kjkmhdkwbv22x60ahrghzxg5h1fpayqckc7x5wq8rbse7fa57y3n08g0yy7grgpjc92gnmfssmnfama7tncwkygx35wt55195zyn66j2ft3x6s33tmnkzgk0zrn6n78bxd6nd6nf9ckhv8prmc1cdfs1p8m6wh06q92fh183vg54g92q8nek6xttg6d3x1x411pgf5d5h4y949pcxk41jes88hnrph24&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
490441ac953e6c99ca8ccc03e8a52b19b957bef3e2618f11f31a6f7ca7f500b2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2352ecbbc14327-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 06F7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 63D4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 05:53:44 GMT
expires
Fri, 24 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
41866
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 06F7 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 06F7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:26:44 GMT
l
www.google.com/ads/measurement/ Frame 06F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGVCjDhqXDxymIf8paiacsa6ZacFEJBUg2hsn2QAWJvJuaysv02hHtgwPfV0oz3qRAY3fIGMg_OK2TnaaoCiYskMwhuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
img
pix.eu.criteo.net/img/ Frame 1CC0 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&ups=1&v=3&w=800&s=fmjPP_tOetckvQpIdPwjRmzW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c0c23011858c549a6b44a63b806ad7d903442196065e04fba6199c97a30675b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80837
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535995
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
183364
expires
Thu, 22 Dec 2022 19:04:08 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1CC0 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 04:11:53 GMT
x-content-type-options
nosniff
age
566377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 04:11:53 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1CC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1fJxcbLEYZThMcOwngXQ7ZqwA8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjP6b8C-rI-qAMByAMCqgT_AU_QE9VigSETbUjks7EPwnkC9aTK4-i4xnHpknk4LFrG0pznAmCTHPYfodrcslNRSZa5yasoTOpAC3SyFLeiwsM5xdFQ3yY3Es0AJ2e4tvcmZWN8iVIG7jaoaXSgzqS15w5ietHNP7lIdXGYv6XlHFyaPz66nIaQFO3HmMm0J2lpQoNewldetYtmY47J_JvPnqAC901AC6Zro9N1RwSRJ8PXXlk6BzdFt_7tVCQ9dvG044gZWje00JioSAAgLxEJutkr5c9WVLiVcMpuadEchz905xy0B7Oy9M6vB5LVnE9SoY0uciDX82D9lgEM9MAOCBlvlpRzx9ej-tt0GsBC7IAG-JvGlr_ylNzXAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=RDVMCGWiyo4&uach_m=[UACH]&cid=CAQSKQCNIrLM1_UeslZGZvQX3_pbiDG1ux1W0NoRS907vUZIWM0sw3kaYNWNGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.fr.eu.criteo.com/m/delivery/ Frame 1CC0 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lgn.php?cppv=3&cpp=fyyBwFCR97rQ6zWi_MU_hO6-8y7zRVbgtIENqU_8e0ick4OoxJWm0lo_b_fwCGAF3ib5ztCdaX8Z_EwYQMsS4HjZdPPTdRvJgQ4sb8tYntDkgV2YcdJPpj87JuDGcuvRh8TK6apwDXnxQ9SO5eoKKRyamgAoYjgh5ZYBGbJDB_njtStyzRm76Uapb7Y-N4Qls5nLWvvj9yxvjavjVreKvBMgVY8ZP4tKAtgjU_qv985BDE75fnA_uaSy-amEhJCwg7cp4K_VJB02tlpd0fh_Qe9YbfPvJ4u3GScSWNC8yZpn7SbZkc-o_YHPdF2sLlA9FVv5rOC6d8IP7V19RuT8bam055vqWLgyPiDFkfDjakbVZ1fr9AH8vFN05gum5tD9PGWLE3ohBEg7MxUpgOBQtHjv61QwmLQ-ydXfdBhNHPOuUTUU3bV_JhZ7eoE6SGsA73NswUqCtRMrftv2oCwOQe-uAteTFTkGTss0RNvE9SPCuI6a8OWAXxbxTiYYWwGxyU-USIwGuPPWVXuapqhD7EI_cKc&z=YcSycQAMcJQKp5hDAAa20PfAYfX3AL2_14GANw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5018572
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 1CC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAB7oL4v5Jt7zBBxssRhQNL0uBUelI-zvm0AEg&wp=YcSycQAMcJQKp5hDAAa20PfAYfX3AL2_14GANw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
server
Kestrel
server-processing-duration-in-ticks
215884
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame 1CC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbY_JcbLEYZThMcOwngXQ7ZqwA8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjP6b8C-rI-qAMBqgT_AU_QE9VigSETbUjks7EPwnkC9aTK4-i4xnHpknk4LFrG0pznAmCTHPYfodrcslNRSZa5yasoTOpAC3SyFLeiwsM5xdFQ3yY3Es0AJ2e4tvcmZWN8iVIG7jaoaXSgzqS15w5ietHNP7lIdXGYv6XlHFyaPz66nIaQFO3HmMm0J2lpQoNewldetYtmY47J_JvPnqAC901AC6Zro9N1RwSRJ8PXXlk6BzdFt_7tVCQ9dvG044gZWje00JioSAAgLxEJutkr5c9WVLiVcMpuadEchz905xy0B7Oy9M6vB5LVnE9SoY0uciDX82D9lgEM9MAOCBlvlpRzx9ej-tt0GsBC7IAG-JvGlr_ylNzXAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=Uz4_66VIEjg&uach_m=[UACH]&cid=CAQSKQCNIrLM1_UeslZGZvQX3_pbiDG1ux1W0NoRS907vUZIWM0sw3kaYNWNGAE&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3C68 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C68 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3C68 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:26:44 GMT
l
www.google.com/ads/measurement/ Frame 3C68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXHUHAdERSG2sGSE4coGNCw0LpXpoz6TDo19h8gVPXHqyegq0Iqja_zTgzBYH0zOhQWtU81v9jLvoIpM_SMD0ZPcRW5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
img
pix.eu.criteo.net/img/ Frame F5D7 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&ups=1&v=3&w=800&s=fmjPP_tOetckvQpIdPwjRmzW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c0c23011858c549a6b44a63b806ad7d903442196065e04fba6199c97a30675b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80837
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535995
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
183364
expires
Thu, 22 Dec 2022 19:04:08 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F5D7 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 04:11:53 GMT
x-content-type-options
nosniff
age
566377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 04:11:53 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F5D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CASHBcbLEYZChNpG6ngWAnaXgCsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjTclTQ97I-qAMByAMCqgT_AU_QzfRl0PKQIScOEqKa0DXBJyVA_zfQJK0xvO79nWw0rJa9e046pvuXs3TMumARRrcuTmIRB1BbYFbDfhdSMTzpFBGkABKPY1qL1qgcA34aQ3Jtbt8sHqFC361L1qOc28Uv7hd_GmBqtTpTRcQA13iHfZKIu6P2japFyH9E6mHYYZTu_AorcLxz0UluYLUH20S2IXYDRvHpcJrumGNL8pQjsNGGUaKs-kYl0WTyvRygXKMYS5OjCu4SyRh4OSb4WhI2UBbinUkfJ6ioLoELJ-B_YrP05Sx0KiTnGO0vtCo-8d2iDCHtVecwzlblb8-irNVU44D_QyXtloF1sIL5i4AG-JvGlr_ylNzXAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=WVIpik9m9OY&uach_m=[UACH]&cid=CAQSKQCNIrLMSSTm9mxzWS2v98Eh-ypNxO3B7zoz-ZoYO7-wro1KPVMbe_DYGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.fr.eu.criteo.com/m/delivery/ Frame F5D7 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lgn.php?cppv=3&cpp=X4RO2lCR97rQ6zWi_MU_hO6-8y68RaTIAA4WSo9oOTyFqRuot6y3_XIYZf809t7mFL17yEtsSHI_DpPOqXQq1fYyGYDOSryCP0XaEytptvgFj6qesyPmRiUcI6k2H1dzVTepu_DFB0V-MW0LUNdnbC6WGBQtYQUFVaDm84MmTSitchyBV1GHAxwP35U-LG7zCpnUn3S3jMxihNUy6VVqPqTpDJW5JMzwVHqHwJlV6S_QMD8zBNOLF8gdlj7yUURvr6_UCMSxkevdH4nJ1lGu8xI0ei4yj0ZL0kJAN4r-8O7M0zZoLNaH_AcZ_2xLnzyMq5S6w2YKUNcR9bnNvJDU4eS7vj6J5e9-fxQu3laJJK-UnwIBk0eW201JGtehTA-kAAt8nEbcLjRkXiElq93RHEdsc6XUJWO3uNmpTXttOVp0ZNYhfZTZi3sHJCP1aXlQ3kPlbthVvlcumJEegvm8M_cApBel6gCbKkhjoAywcFCBvPjCTDtbITK9oW9so_TohBk7BYQpnN9_yEoXYifVlyoC9FU&z=YcSycQANkJAKp50RAAlOgAwEv-w5XjKDoA2ywQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2766986
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame F5D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAAVVnE9SM7uORBxssRh7rLgYLRaOV28xAUAEg&wp=YcSycQANkJAKp50RAAlOgAwEv-w5XjKDoA2ywQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:29 GMT
server
Kestrel
server-processing-duration-in-ticks
238925
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame F5D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CW7J_cbLEYZChNpG6ngWAnaXgCsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjTclTQ97I-qAMBqgT_AU_QzfRl0PKQIScOEqKa0DXBJyVA_zfQJK0xvO79nWw0rJa9e046pvuXs3TMumARRrcuTmIRB1BbYFbDfhdSMTzpFBGkABKPY1qL1qgcA34aQ3Jtbt8sHqFC361L1qOc28Uv7hd_GmBqtTpTRcQA13iHfZKIu6P2japFyH9E6mHYYZTu_AorcLxz0UluYLUH20S2IXYDRvHpcJrumGNL8pQjsNGGUaKs-kYl0WTyvRygXKMYS5OjCu4SyRh4OSb4WhI2UBbinUkfJ6ioLoELJ-B_YrP05Sx0KiTnGO0vtCo-8d2iDCHtVecwzlblb8-irNVU44D_QyXtloF1sIL5i4AG-JvGlr_ylNzXAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=Z5RLjtwwbx0&uach_m=[UACH]&cid=CAQSKQCNIrLMSSTm9mxzWS2v98Eh-ypNxO3B7zoz-ZoYO7-wro1KPVMbe_DYGAE&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame BFA9 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 17:04:45 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B830 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 05:53:44 GMT
expires
Fri, 24 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
41866
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame E16D 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 17:04:45 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2789 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 05:53:44 GMT
expires
Fri, 24 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
41866
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jsunit
a4p.adpartner.pro/ Frame F167 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&unit_id=2489&shown=&session_pageview=1&session_id=680e3b6d-f64e-4f54-952f-8379e8c76ff1&site_visited=1&ref=https%3A%2F%2Fnewsyou.info%2F&reload_count=0&banner_num=1640280690600003433&is_in_viewport=1&location=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=https%3A%2F%2Fnewsyou.info%2F&0.7884706088651341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
6872aabc6aa86d159dcb1452a0d3f2e1cb69caf780db52d08b7f7607ed29d9b8

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 23 Dec 2021 17:31:30 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame 3C68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cs4I9cbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE-QFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pjwbxPAbMCqRzzMz8lMIesDWVTFLpgB2kjC891hJ0yckfAKXUtziABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=UVzyCwq3kQo&uach_m=[UACH]&cid=CAQSPACNIrLMSHKntdDo8o2dtehrNs0FHHXtx9qhiyXk8AnJl8QMYxmo3Pkuntq5MM8bc2QowVQFpLjO1WuvjhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 3C68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g352tebnb8v62c37brhygjatt00m6y65z09sf2sfewshkpga44111wd45yhyss50xkkrqx66whhetwhcjgk6z8jpandetza38b8nfmwp4wy584hjex2nbjjw3b4sm057gb6d3bc06g2r4ydq4m00eqnentsh3shkbnsqspwhv8sfpv5wm60v0yjhhmv4qa1xbp685gp0jbh3z1te40qk8qcmj5x88j5q5k5kczz8kt7fg2h1szapkbyf2bme72k1e8zmewxd0qkjx7egbvvtx2hv5gmev8fxdtsp4g1yqbm4bt9mnk7v773ngaajgden0qpxgcdaww2kf1enekkf21kdgg4fg639c3mq404npzb36q7wyjwyvckad7akak92b3d4j26vy5xky06te630tvx4fd02&b=YcSycQAOZRIKp5aiAAW69y2PafMNzYQ4MH3-hw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:30 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 9920 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gfn9k76kd74fcykvbrjww87mqr9y8pm103p1dpmwh341pcvpg18f9nax10c7t7kt2bygf84dv8r6wdp38wvygzeybdp486pxj5tw5pjfc36ys67a584bzm4bde9706b8agtpn1agwwsjq0st6a676srqzm4wd68a37x5dsrz1fsg6mfm9c0wfkpswd19gj21s0j30c2xw1k1acsd5z0w83wgj6hvrx7249mj331qh7w6h4zbcymk7dcsbmkt5p81f14jx96qcb05539qd1jtdh1bxqsbzjmd8r7ffnnw6b4d0zwrcskx84zr5m9tasbs1hwx9yrmrgdjhfx3zzfneatmdhmtx7emdf0sfjnk54hbjpej1n9fjjbs6079xhw5p3jav8sfpapjr74ae5nskq0xxchgfhjjgq8p598qfht2pw3vg9hp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8473797be0b563e1c92469932dd814fa7c88385bb5821effa6e5be11c2195405
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2352ed7c920f56-MXP
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DB5A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 05:53:44 GMT
expires
Fri, 24 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
41866
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
informer
data.24smi.net/ 		694 B
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280690&ptz=0&pl=en-US&object=13248&template_id=1282&num=1&ref=&output=json&chash=OymJBnPJUr&extids=&callback=__smiCb1640280689495
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
558dbaad55245ea77b644222f1fc53449e83f54e30b71104ea6e0c55e570d88f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
content-length
694
truncated
/ Frame 1CC0 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237b702106249000fe1855d0d7649126cb0c18c4703b6dee0444e408c2eaf3ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame EA83 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/400x400/658/ Frame EA83 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/658/1246658_0b9d7dee25.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-aafb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
43771
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246215_a759d52860.jpg
zn3.2xclick.ru/img/400x400/215/ Frame EA83 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/215/1246215_a759d52860.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Wed, 22 Dec 2021 19:54:14 GMT
Server
nginx
ETag
"61c38266-6301"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1244512_522adf9380.jpg
zn3.2xclick.ru/img/400x400/512/ Frame EA83 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/512/1244512_522adf9380.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
b740943c9b48e08e798cb5d60e05c7a80c02fd526b98d7a38b6ab5a67ae03987

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Mon, 20 Dec 2021 12:15:49 GMT
Server
nginx
ETag
"61c073f5-5c7a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
23674
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&tizer_id=13977&r=0.37931220189883685
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
content-type
image/gif; charset=windows-1251
/
m.mixadvert.com/show/ Frame 3FEF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.6630212333145746
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
457209948488419d46e3c984bd166f1a8c1aa2907da4726677bdc62a60767154
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
truncated
/ Frame 06F7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a36bc3320994bc36acffe86b4bed2212cdb3e84d38a739b813c3fba3e9f1066

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C466 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C466 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C466 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:26:44 GMT
l
www.google.com/ads/measurement/ Frame C466 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLJxdGL8TT-ipjrTTY3p7bjRgj8F1WA1kfGujOM18OV-uQPOm4HyteOk7gx0an_dmHdwcSgKHiRyJr1A2_Cp4wy4AccA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
truncated
/ Frame F5D7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd2d931747f474519f0b61a2cc093cf55b6345f55c5248e56eb70049de3fdef4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame AD1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQoO1crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoE_wFP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnICp9rP6ccAVCNLq_Tz9DEUnnJ9jTLzKPZsH69oZIzocvu8TcH-feABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=vM6kVCqzhrc&uach_m=[UACH]&cid=CAQSPACNIrLMeDncffdz0CBsmPphfB7j6-W7hxG37K2W00kjP1ePhlaPaKEH4WI5WagDdfBymhxuuHOfWl92ExgB
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame AD1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j33xy0g714090npgydkm9p6mmjv059ekyajy7pzhecctynp651jxmgaapwfj0rmdx1px8ds0k75ptcven9gjtqyd8sz7mc16tktthfnyeaa5ad2tghdp6y7jng4ee57keh7cksdv4jtj80yhc8rztwmgfm1ydb9evhq8v0v8b2ksjpjapknhss1v0bpfh676rpawg59qvvzsf8jythm8rdg90b8rxnhk44gzqy35mc0zqt396ms5q8hwf0s5qa2y0hyd1syg68csmyaswfg1s0vz1xkwd62vm5rxr3wc9snnszpx3cqx1q2ydvghp127x2zdgpnyt2j7sxty9bdgm77mdfyr5k13kextm66sk6t4za9qn0qx3rvsy1cet1x1geez0gvsw4ay5kt6rycy391x44zc&b=YcSycgAD27kKp50DAAvXGAPxzzoDw7CxzCBV_A
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:30 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame F6E7 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hq5fbn8nm71atxkd8ks3k0n9wcv1q2meryyftnc8n59mgbvjb2dq3a0vs8zf2h408ngh9r9rvrpe5wq1a3033bgvbgay9ws3jf4ty8cw37z68phjsa7t34fg05t4vcsbmw62gwv0s229n333x28m912ch0wqx13xjb6egvqctg1mzjwh1ezmgavwkv3ys193gg8ejx3z285hb3fkx2n57jsv5k6en0s914gjcr6jerh5nqzqgz67fcd77fhcdcksvjsjnc4d9kdcy74ftzmj21xrz9vyy9bsjg5m5pzzzd2wvv8da0h2qcc5wtxbj51jpj0we4k0ab3sbp3dmrj6aa85zc9rm97184a9587mrdqtd6bwc2dxfbpb9bbx1c4ddzth8q1emm1dd88fgjzmd6zy1z3ezdc00tn9srk2s0reyzt154yw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23d4ff56472c50842f5abc21d8d64e03cfb011f0975907cc17c25db04da75b94
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2352ee2d9f0f56-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame AD1F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DCCE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 05:53:44 GMT
expires
Fri, 24 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
41866
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD1F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame AD1F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:26:44 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame CC3B 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g864nr26ng2exer8cpbbqn1w21b3q6qpbbzxta4rgsfxgpf3h08mzmfweyhzsqyh490xkvs8dfes7v63ep1h7bm3qdzcykgkge2zpe6qxh8tg0a8qkg6zapdkrtb1r5jb9fgr2z0z6y4pxs0zjmtk29gmqw1tmb460xa2tby2h9yh9cz1r3d041xc72xby5e69tyefyf4bsqyzegmx06kjkmhdkwbv22x60ahrghzxg5h1fpayqckc7x5wq8rbse7fa57y3n08g0yy7grgpjc92gnmfssmnfama7tncwkygx35wt55195zyn66j2ft3x6s33tmnkzgk0zrn6n78bxd6nd6nf9ckhv8prmc1cdfs1p8m6wh06q92fh183vg54g92q8nek6xttg6d3x1x411pgf5d5h4y949pcxk41jes88hnrph24&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g864nr26ng2exer8cpbbqn1w21b3q6qpbbzxta4rgsfxgpf3h08mzmfweyhzsqyh490xkvs8dfes7v63ep1h7bm3qdzcykgkge2zpe6qxh8tg0a8qkg6zapdkrtb1r5jb9fgr2z0z6y4pxs0zjmtk29gmqw1tmb460xa2tby2h9yh9cz1r3d041xc72xby5e69tyefyf4bsqyzegmx06kjkmhdkwbv22x60ahrghzxg5h1fpayqckc7x5wq8rbse7fa57y3n08g0yy7grgpjc92gnmfssmnfama7tncwkygx35wt55195zyn66j2ft3x6s33tmnkzgk0zrn6n78bxd6nd6nf9ckhv8prmc1cdfs1p8m6wh06q92fh183vg54g92q8nek6xttg6d3x1x411pgf5d5h4y949pcxk41jes88hnrph24&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695187
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2352ee3da70f56-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame CC3B 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g864nr26ng2exer8cpbbqn1w21b3q6qpbbzxta4rgsfxgpf3h08mzmfweyhzsqyh490xkvs8dfes7v63ep1h7bm3qdzcykgkge2zpe6qxh8tg0a8qkg6zapdkrtb1r5jb9fgr2z0z6y4pxs0zjmtk29gmqw1tmb460xa2tby2h9yh9cz1r3d041xc72xby5e69tyefyf4bsqyzegmx06kjkmhdkwbv22x60ahrghzxg5h1fpayqckc7x5wq8rbse7fa57y3n08g0yy7grgpjc92gnmfssmnfama7tncwkygx35wt55195zyn66j2ft3x6s33tmnkzgk0zrn6n78bxd6nd6nf9ckhv8prmc1cdfs1p8m6wh06q92fh183vg54g92q8nek6xttg6d3x1x411pgf5d5h4y949pcxk41jes88hnrph24&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72205
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcMHELkwEdTW2e6sZR23nw01NLNxo4KfIrGoK12Mubj%2FzTjr84BDiUJneeL8XP3S3wezJflliEX0sJGfWKjQWd0viJdI40MvWwESmXbnd7sOSikN%2Fa5Rn3cszYxn2pJktEacjwI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Wed, 22 Dec 2021 21:28:05 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c2352ee3f7d4327-FRA
cf-bgj
minify
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=212162&f=2&ref=https%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
0c95217de419320bc425e8d25622f90f2954a4c18f82b70279a157d69f47b6ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:52:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:30 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C466 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAvQGcrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoE_wFP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbiRSNV6cYXXlI-HyqO5Z46InuEBI7qx1XgndaCA3vYtAJkUSGIN2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=tJnjdUfD8qw&uach_m=[UACH]&cid=CAQSPACNIrLMv_rM3NmB6A5HNwGKMR2CSvr997AnpYIkqpgvbAWMlW68htB58R_4tpyAi8NxnvvQfCkRjkBLzRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame C466 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kxn85cz9jh8hr7mbqv3qgd9acfdssej22q08j3xbmmfv14rpe050cdqdfkvvqgftqm2jatbhekegejfvmn2pacnev20s54b1ae0x89sjmn9d209ysqvt40tve3sb7ms5mhn18n72sbskm4ncs65c9qh9nf9af2emq6zqm4symx0efw1jf6mzdf8yvw679xqdhvsat6jghym5bxvc2tgdn3w0rk7g7wy9hwnk29z5q43e2y1bqmx47e74kjdhvvgneyhsc9dv2414rp76v0qh1ge72k2r4xrjz5pttw1xnjngfwt96ff4jn647n2erh69zcp9qzyewnwsmhz54wq5nwncr7k6mp8h0nztprnkn5d75dcg5x80bazg2bgkkgp7ck7tx6wz4wp8asrk50adcr0c1yqm&b=YcSycgAAxnAKp5PFAAuVrc46Lt6FQ9VsPVYi1w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:30 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A2ED 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g2d19edekd8pddx46nhmbfwr29ptcq41b51gwqjn855xy3sywxcpvfznvhkzhv7w4gnh1a12qtz2t0x23ae37qzpajz6pprvpap3prfcs3pqhv4ttm3y06v4vyg3pms9g4kv56mjcqrh0ptpfvwb0kc7vbw1tey9eyk92gf5qp2p37zd20a4xrf7v2vjtj0v04vmrh70ekg6s6snhrwtmqahfbdx1sq965ttv9r9610zzwf9c6zqk8a24zakae9eac6bbkr2bw0pevj5cwsg4m1f9dq5fnpj4gd31a3ersgyjzs6v7hrbvyd32tmzgat4qp6dvnavz1b1ra2tm5c6k34y8jqa2k5mjdy8d6fqj4txa1mqqmk3597fw06taa3a4dvtd4ewn03007swt0zjze3pjvzd271syw0che90v2t82xhgz4y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9c0d622fbba508019a4449cd560b501fd1c1367a117e43f806ad5747dcb2e1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2352ee5dd80f56-MXP
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 80DF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 05:53:44 GMT
expires
Fri, 24 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
41866
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1D80
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3148035073&adf=1110142625&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689408&bpp=2&bdt=567&idt=236&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=im02QqFvEc&p=https%3A//newsyou.info&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:31 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:31 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:30 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
m.mixadvert.com/show/load/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=6822&id_name=dlNYs&teaser_name=NRmzlce&block_name=BkbmFT&ban_teaser=438579,438578,438575,438575,438578,438579&r=0.9008132087870213&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=6822&r=0.7983827190963799
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
d0d66802557812dd25242f4e6d136a16f527e374c83382f9d67efe1109d824dc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 04:11:53 GMT
x-content-type-options
nosniff
age
566377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 04:11:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
532302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 13:39:48 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 08:01:19 GMT
x-content-type-options
nosniff
age
207011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 08:01:19 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:18:23 GMT
x-content-type-options
nosniff
age
245587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 20 Dec 2022 21:18:23 GMT
truncated
/ Frame 3C68 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3ebfef0ef54cf28346421dd778b04c8d999bce8c1eb4da217f19a450c238c37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280690&ptz=0&pl=en-US&object=14482&template_id=783&num=3&ref=&output=json&chash=OymJBnPJUr&extids=&callback=__smiCb1640280689496
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
3e962b756b18f4912ebffe0e6df36a46fe41cb82d6847c7b1c1bb02a96543775
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:30 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
dpixel
cms.quantserve.com/ Frame 63D4 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGtu5HYYACtF9Sf2bCG_hQo&google_cver=1&google_push=AYg5qPJpQSdROzU128CevcpDiaaEiQowXfURkNh9y5N2lBCSmsSziyZf8okstfY1ewe39WKAY7PiCmGUv-RVbz3NeLNniYHf7Vs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63D4
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLrBJTU8OF5WOmDvlRMIKUFMprTyN1dmE-NAGL...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWN3QUFCZGRYa0F3aw&google_push=AYg5qPLrBJTU8OF5WOmDvlRMIKUFMprTyN1dmE-NAGLYfwlQ8Dd4LByKFmYUATZqUA58u4EXS6VuyiKgJV0W7_is4WYnf1VwIKw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWN3QUFCZGRYa0F3aw&google_push=AYg5qPLrBJTU8OF5WOmDvlRMIKUFMprTyN1dmE-NAGLYfwlQ8Dd4LByKFmYUATZqUA58u4EXS6VuyiKgJV0W7_is4WYnf1VwIKw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWN3QUFCZGRYa0F3aw&google_push=AYg5qPLrBJTU8OF5WOmDvlRMIKUFMprTyN1dmE-NAGLYfwlQ8Dd4LByKFmYUATZqUA58u4EXS6VuyiKgJV0W7_is4WYnf1VwIKw
Date
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 63D4
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFpOmAR_y_YD7P5Q7U-IClM&google_cver=1&google_push=AYg5qPLxHTcR4WPe5eZGfAPguuL_mJVeqgeLw1om5g4joPlawaQXtUv8T9kgFJMZCIqcK4YhXzJHdH_NEh7A8-fdBW1QS7l3IPk
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLxHTcR4WPe5eZGfAPguuL_mJVeqgeLw1om5g4joPlawaQXtUv8T9kgFJMZCIqcK4YhXzJHdH_NEh7A8-fdBW1QS7l3IPk&google_hm=Q0FFU0VGcE9tQVJfeV9ZRD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLxHTcR4WPe5eZGfAPguuL_mJVeqgeLw1om5g4joPlawaQXtUv8T9kgFJMZCIqcK4YhXzJHdH_NEh7A8-fdBW1QS7l3IPk&google_hm=Q0FFU0VGcE9tQVJfeV9ZRDdQNVE3VS1JQ2xN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLxHTcR4WPe5eZGfAPguuL_mJVeqgeLw1om5g4joPlawaQXtUv8T9kgFJMZCIqcK4YhXzJHdH_NEh7A8-fdBW1QS7l3IPk&google_hm=Q0FFU0VGcE9tQVJfeV9ZRDdQNVE3VS1JQ2xN
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 63D4 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBqRHCOSPnPHeZVrnfAVKCM&google_cver=1&google_push=AYg5qPJcWqp0PhcXq9DdNeixprojXbWbSCRuSFtkMJDxUg_Tn6RqzdoNCOhXLjeUfgl6rLMsIxAEUZCOHTBRozJHVUaFE6JDoDk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
alu42t1g9n8oj984k6hsf40hsfb2c4cp
pixel
cm.g.doubleclick.net/ Frame 63D4
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJVKIs9NZUVfPT1CNOm4XjUVSO2DPIbsGqfhiTC2TwVZZHZpTkTO8-H1eSqIq5hqJ-cKO3MxLGyc8y7QpXrpVv6ur7q4g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJVKIs9NZUVfPT1CNOm4XjUVSO2DPIbsGqfhiTC2TwVZZHZpTkTO8-H1eSqIq5hqJ-cKO3MxLGyc8y7QpXrpVv6ur7q4g
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 63D4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC3xAoYJgw9_0xzLZwW-2Rk&google_cver=1&google_push=AYg5qPLoJTxjlCpSlS3KR5Qifdh8P7x7zUwpskpJYVrRC1NGnXgmhQ2dsydOI8ccIAWFsJ-TCBJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJUQ0otRi04WjZC&google_push=AYg5qPLoJTxjlCpSlS3KR5Qifdh8P7x7zUwpskpJYVrRC1NGnXgmhQ2dsydOI8ccIAWFsJ-TCBJSnp2YYjtET5aPVu60gG3tltI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJUQ0otRi04WjZC&google_push=AYg5qPLoJTxjlCpSlS3KR5Qifdh8P7x7zUwpskpJYVrRC1NGnXgmhQ2dsydOI8ccIAWFsJ-TCBJSnp2YYjtET5aPVu60gG3tltI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJUQ0otRi04WjZC&google_push=AYg5qPLoJTxjlCpSlS3KR5Qifdh8P7x7zUwpskpJYVrRC1NGnXgmhQ2dsydOI8ccIAWFsJ-TCBJSnp2YYjtET5aPVu60gG3tltI
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 63D4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWA...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 63D4 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYCg0InHfxNlhyJU8yKyV-dFAPgmgYw4v0ZWfH6X_Nj1M9LxaRr4ef3HI__XjOYwFOADm2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280690&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=571&idt=681&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=2450&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=gwjeqwQqV4&p=https%3A//newsyou.info&dtd=690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 9920 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gfn9k76kd74fcykvbrjww87mqr9y8pm103p1dpmwh341pcvpg18f9nax10c7t7kt2bygf84dv8r6wdp38wvygzeybdp486pxj5tw5pjfc36ys67a584bzm4bde9706b8agtpn1agwwsjq0st6a676srqzm4wd68a37x5dsrz1fsg6mfm9c0wfkpswd19gj21s0j30c2xw1k1acsd5z0w83wgj6hvrx7249mj331qh7w6h4zbcymk7dcsbmkt5p81f14jx96qcb05539qd1jtdh1bxqsbzjmd8r7ffnnw6b4d0zwrcskx84zr5m9tasbs1hwx9yrmrgdjhfx3zzfneatmdhmtx7emdf0sfjnk54hbjpej1n9fjjbs6079xhw5p3jav8sfpapjr74ae5nskq0xxchgfhjjgq8p598qfht2pw3vg9hp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gfn9k76kd74fcykvbrjww87mqr9y8pm103p1dpmwh341pcvpg18f9nax10c7t7kt2bygf84dv8r6wdp38wvygzeybdp486pxj5tw5pjfc36ys67a584bzm4bde9706b8agtpn1agwwsjq0st6a676srqzm4wd68a37x5dsrz1fsg6mfm9c0wfkpswd19gj21s0j30c2xw1k1acsd5z0w83wgj6hvrx7249mj331qh7w6h4zbcymk7dcsbmkt5p81f14jx96qcb05539qd1jtdh1bxqsbzjmd8r7ffnnw6b4d0zwrcskx84zr5m9tasbs1hwx9yrmrgdjhfx3zzfneatmdhmtx7emdf0sfjnk54hbjpej1n9fjjbs6079xhw5p3jav8sfpapjr74ae5nskq0xxchgfhjjgq8p598qfht2pw3vg9hp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695188
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2352eeae6e0f56-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 9920 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gfn9k76kd74fcykvbrjww87mqr9y8pm103p1dpmwh341pcvpg18f9nax10c7t7kt2bygf84dv8r6wdp38wvygzeybdp486pxj5tw5pjfc36ys67a584bzm4bde9706b8agtpn1agwwsjq0st6a676srqzm4wd68a37x5dsrz1fsg6mfm9c0wfkpswd19gj21s0j30c2xw1k1acsd5z0w83wgj6hvrx7249mj331qh7w6h4zbcymk7dcsbmkt5p81f14jx96qcb05539qd1jtdh1bxqsbzjmd8r7ffnnw6b4d0zwrcskx84zr5m9tasbs1hwx9yrmrgdjhfx3zzfneatmdhmtx7emdf0sfjnk54hbjpej1n9fjjbs6079xhw5p3jav8sfpapjr74ae5nskq0xxchgfhjjgq8p598qfht2pw3vg9hp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9344
x-guploader-uploadid
ADPycdvct9lgBjn65AsNThnNOmywsZURvzdGcx1Yfei2yedHXlIa7dRt2-EjUUkon85Ifqq449wHNtW_AtkeW1PPqad3whXyvg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXrPmxlC%2Bq7I2xEgtPb2VLb3AobxGI47O7sfYGiTMcm%2B1PAhzqxi07i2JftHsa%2FW%2BD2If4Y4cIT5NNvWpcuhV1yZph2mln0xV%2FPBuaUe4UzFPhMIZiviqsh3s%2BE5BLRXSHrqhnk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c2352eeae720f56-MXP
expires
Thu, 23 Dec 2021 14:55:47 GMT
jquery_1_7_2.js
m.mixadvert.com/show/application/js/ Frame 3FEF 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/application/js/jquery_1_7_2.js
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.6630212333145746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 /
Resource Hash
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Mon, 17 Oct 2016 18:47:41 GMT
server
nginx/1.12.0
etag
"58051ccd-17278"
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
94840
expires
Thu, 31 Dec 2037 23:55:55 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CC3B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783005
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtUufUssDhvAIaQh0s6lEmrQjV3VgeoWCYoE2cCQYtWMU8I7kXwFUNQLyhscSdk5%2BJqRnMBW%2FRJKW0hhQHA4Bf17UkKk%2FQuNCFwXvO3xFDdQ4%2BIYA%2BdfuFaPrJxkioV5N3jLXlQd1dDW2wXCzsX9qAiI"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c2352ef5efd83be-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
css
fonts.googleapis.com/ Frame F167 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 15:53:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:31 GMT
1px-matching-adpartner.gif
t.trafmag.com/images/ Frame F167 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/ Frame F167
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=fdb6e022-4399-450d-8743-19e061e3265a
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352ef2ecd6945-FRA
content-type
image/gif
match
a4p.adpartner.pro/ssp/ Frame F167
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=fdb6e022-4399-450d-8743-19e061e3265a
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352ef2ed06945-FRA
content-type
image/gif
fdb6e022-4399-450d-8743-19e061e3265a
s.uuidksinc.net/match/272/ Frame F167 		74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
fdb6e022-4399-450d-8743-19e061e3265a
recreativ.ru/mtch/31/ Frame F167 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

hn
b23
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ Frame F167 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/ Frame F167 		49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.150.44 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
sender.premier.one
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
x-backend-id
f25-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ Frame F167 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
121
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ Frame F167 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=fdb6e022-4399-450d-8743-19e061e3265a
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/ Frame F167
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F72B2C4611C05104E02DF0F81
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F72B2C4611C05104E02DF0F81
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F72B2C4611C05104E02DF0F81
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/ Frame F167
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F72B2C4611C05104E02DF0F81
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F72B2C4611C05104E02DF0F81
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F72B2C4611C05104E02DF0F81
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/ Frame F167
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/ Frame F167
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/ Frame F167
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=2fea7b74-a56a-4499-5ac7-675220c33abb
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=2fea7b74-a56a-4499-5ac7-675220c33abb
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=2fea7b74-a56a-4499-5ac7-675220c33abb
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/ Frame F167
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=ed3d774a-0b3d-4de2-649c-6bd8d28d10b3
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=ed3d774a-0b3d-4de2-649c-6bd8d28d10b3
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=ed3d774a-0b3d-4de2-649c-6bd8d28d10b3
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame B830
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB1mUP8ZdHDTVPWIeZbeHBY&google_cver=1&google_push=AYg5qPK8USE2L0o3LW9CytMx2gNonzLsT-WYnoSYgV3vAcQuYSzNP4cezF...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8USE2L0o3LW9CytMx2gNonzLsT-WYnoSYgV3vAcQuYSzNP4cezFUioGSf3DXf8peL3CljDiXCJBy_B6Zki9r_B3DDLkWB9Jl_D3hfuEuL-Lshr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8USE2L0o3LW9CytMx2gNonzLsT-WYnoSYgV3vAcQuYSzNP4cezFUioGSf3DXf8peL3CljDiXCJBy_B6Zki9r_B3DDLkWB9Jl_D3hfuEuL-LshrpKdF32CJMrX3HjGzgdlGw15w10h1MzkCz31-cA&google_hm=OM8BTVHntGDYtSrlFwTDpQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8USE2L0o3LW9CytMx2gNonzLsT-WYnoSYgV3vAcQuYSzNP4cezFUioGSf3DXf8peL3CljDiXCJBy_B6Zki9r_B3DDLkWB9Jl_D3hfuEuL-LshrpKdF32CJMrX3HjGzgdlGw15w10h1MzkCz31-cA&google_hm=OM8BTVHntGDYtSrlFwTDpQ
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B830
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL7x-fNgRNZ-5nnyMmCqsc1NMSMLQLsltBORDKRWhAlCLNuAkiOEraLATb1eO9Fb9Vi3C0enwbzMeZcPITdtj4roPPy9d1H4_D35kh_lU24QffVBl_tD3iwvPF2BoRWTYVAx6FFT_u...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPPkko4GEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVlnNXFQTDd4LWZOZ1JOWi01bm55TW1DcXNjMU5NU01MUUxzbHRCT1JES1JXaEFsQ0xOdUFraU9FcmFMQVRiMWVPOUZiOVZpM0MwZW53YnpNZVpjUE...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwS1BHQzBnUTQzVUh5TXJ2M2VNandLTW50eDdwRGpwSnU1Q0UwVGd4dzEzOA==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwS1BHQzBnUTQzVUh5TXJ2M2VNandLTW50eDdwRGpwSnU1Q0UwVGd4dzEzOA==&google_push
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwS1BHQzBnUTQzVUh5TXJ2M2VNandLTW50eDdwRGpwSnU1Q0UwVGd4dzEzOA==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sync
odr.mookie1.com/t/v2/ Frame B830 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAGYeMTNXgy5felCP-svmkg&google_push=AYg5qPLXwSazjnsSmAQ6892A9hmAaocjZe4XtykaVlsS3of2G8Xcpepzn7hXi4ULO7QEyLbZjMwt0T0S743rqkpItFhioHFMqSwl-gENMm31RkAPYqvicrt7xk-HMZw-j3kvWI-T5oqOcvQ9jiiAinjHeg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame B830 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEL_ghdKjhXTwWJz3EbP9jQM&google_cver=1&google_push=AYg5qPKDW3NUKsRW213Xb_-399-LWqjOcIN3o65bdXdQzOT22rZ6hrryx2n0S68AhDakjtC4r9tbAbUVuh15gLDadC8ymrYfPHa7rjkLYoKn_eIGunLj_eNw3taHhQYWt-5rDHn4KxXqaxLASpaCldoBtj4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
2s18o0gsoli5gitdo5j0u9jnf921c6j9
pixel
cm.g.doubleclick.net/ Frame B830
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AmoNzn76TQGS9Ws9BMeZ1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AmoNzn76TQGS9Ws9BMeZ1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLj4c-H7yhA2jBeOydj8ea9-92gS9AXbqFsA0UIf9gjNPypUjSkSJYNaawMFCUhfowHHSlZRIHviNJa9P6vhVth43Dd_ybQH5YiIVnEnWrdVZGMCcgBrp4oz08lq-kZzGS7UHV7FyHG64MZrgK2q1Y
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AmoNzn76TQGS9Ws9BMeZ1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLj4c-H7yhA2jBeOydj8ea9-92gS9AXbqFsA0UIf9gjNPypUjSkSJYNaawMFCUhfowHHSlZRIHviNJa9P6vhVth43Dd_ybQH5YiIVnEnWrdVZGMCcgBrp4oz08lq-kZzGS7UHV7FyHG64MZrgK2q1Y
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B830
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOehlUBTNBTHeN1_trE-S2w&google_cver=1&google_push=AYg5qPKNYIos-847XNEB4jeZIgtXh6nbjmxrbB3VRpDvdNE5T-5UnsFaUcmnm2ApuRY9eNZzKk9...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURU4tTy1IUFdV&google_push=AYg5qPKNYIos-847XNEB4jeZIgtXh6nbjmxrbB3VRpDvdNE5T-5UnsFaUcmnm2ApuRY9eNZzKk9lASGacIbErjhjBNNGeWEHX7pBJYiGL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURU4tTy1IUFdV&google_push=AYg5qPKNYIos-847XNEB4jeZIgtXh6nbjmxrbB3VRpDvdNE5T-5UnsFaUcmnm2ApuRY9eNZzKk9lASGacIbErjhjBNNGeWEHX7pBJYiGLqNlqxTfYrvhZlj1zczOxXWK_UCdwRlM1-QUBgpzBP5MbEnMlqY
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURU4tTy1IUFdV&google_push=AYg5qPKNYIos-847XNEB4jeZIgtXh6nbjmxrbB3VRpDvdNE5T-5UnsFaUcmnm2ApuRY9eNZzKk9lASGacIbErjhjBNNGeWEHX7pBJYiGLqNlqxTfYrvhZlj1zczOxXWK_UCdwRlM1-QUBgpzBP5MbEnMlqY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame B830
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQe...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame B830 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Js1YP6hIJJdAnFIjeEyx1OmMrOghpaWV2OsCXPIn8FuF3CufvmEWPexWqUOzNcSOee8jbx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2789
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELZOv5_Rb0TlP59wZdfNvlE&google_cver=1&google_push=AYg5qPIrWmV-9EkoxhbB-toj6RDdtA3o2CDrA-0qP5uGSg9PjSC5kuGjjH...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIrWmV-9EkoxhbB-toj6RDdtA3o2CDrA-0qP5uGSg9PjSC5kuGjjHEMO80mplFuuVefV-oovSBxckaiOBQ0PNlcfKBqOY0&google_hm=OM8BTVH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIrWmV-9EkoxhbB-toj6RDdtA3o2CDrA-0qP5uGSg9PjSC5kuGjjHEMO80mplFuuVefV-oovSBxckaiOBQ0PNlcfKBqOY0&google_hm=OM8BTVHntGDYtSrlFwTDpQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIrWmV-9EkoxhbB-toj6RDdtA3o2CDrA-0qP5uGSg9PjSC5kuGjjHEMO80mplFuuVefV-oovSBxckaiOBQ0PNlcfKBqOY0&google_hm=OM8BTVHntGDYtSrlFwTDpQ
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2789
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEGZNX2atvVUp7BoyLlrEF40&google_cver=1&google_push=AYg5qPIxegGoVSBYHwxVI7FQRJHNQZx4DfIII6qHs3iGKOjMv2JUzn922JxoIBkgYNzPvjb9ASMwQ-dcoppyt7Oc_U4jq5Mqp0NS
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIxegGoVSBYHwxVI7FQRJHNQZx4DfIII6qHs3iGKOjMv2JUzn922JxoIBkgYNzPvjb9ASMwQ-dcoppyt7Oc_U4jq5Mqp0NS&google_hm=Q0FFU0VHWk5YMmF0dlZVc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIxegGoVSBYHwxVI7FQRJHNQZx4DfIII6qHs3iGKOjMv2JUzn922JxoIBkgYNzPvjb9ASMwQ-dcoppyt7Oc_U4jq5Mqp0NS&google_hm=Q0FFU0VHWk5YMmF0dlZVcDdCb3lMbHJFRjQw
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIxegGoVSBYHwxVI7FQRJHNQZx4DfIII6qHs3iGKOjMv2JUzn922JxoIBkgYNzPvjb9ASMwQ-dcoppyt7Oc_U4jq5Mqp0NS&google_hm=Q0FFU0VHWk5YMmF0dlZVcDdCb3lMbHJFRjQw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 2789 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHCdL3Tmr8Hf8qrchPCj1os&google_push=AYg5qPLgwmOe37VqSbMLQYksRHEJDN2fylOFnzGdgNjS6SKn1P3PxxIfr4SP_fS1VvbKuBS_9GuEXX2CcW16E1E9B47e7vyz0BBB&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 2789 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESENE5kcvqnQX8mM3CQHdwpu8&google_cver=1&google_push=AYg5qPJrQc6MJoYjDfEExmQUksQW1Q5jypo6kHkiRHM1bKtLs471GD8cPDyonULjrE4YAtlaeMmFLxsqUx2V_1mGqq81ufZ9ARY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
la3961g9ctq5j32u3gfqorcj902pmpmh
pixel
cm.g.doubleclick.net/ Frame 2789
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdS8KTjRipyfasWn_uy29SmNU271C3t0cykNnnP7_M_EnN24yUF-0OyAskImF8XEAdTapbZvnnrLdodhnvEy9nLzzmjapj
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdS8KTjRipyfasWn_uy29SmNU271C3t0cykNnnP7_M_EnN24yUF-0OyAskImF8XEAdTapbZvnnrLdodhnvEy9nLzzmjapj
date
Thu, 23 Dec 2021 17:31:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2789
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELpy4CalA4RhhxWaXeWpGsc&google_cver=1&google_push=AYg5qPJtxFo8oxPWWlBtQFnjmE5RcACI1uyoeyFNMbd-c0X5-1xXTaAVDnXWQ6YH6cEr-b34GCC...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURU4tTi1ZWTQ=&google_push=AYg5qPJtxFo8oxPWWlBtQFnjmE5RcACI1uyoeyFNMbd-c0X5-1xXTaAVDnXWQ6YH6cEr-b34GCC9uzgTh0DoczsWDsM3KxQ0tBF1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURU4tTi1ZWTQ=&google_push=AYg5qPJtxFo8oxPWWlBtQFnjmE5RcACI1uyoeyFNMbd-c0X5-1xXTaAVDnXWQ6YH6cEr-b34GCC9uzgTh0DoczsWDsM3KxQ0tBF1
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURU4tTi1ZWTQ=&google_push=AYg5qPJtxFo8oxPWWlBtQFnjmE5RcACI1uyoeyFNMbd-c0X5-1xXTaAVDnXWQ6YH6cEr-b34GCC9uzgTh0DoczsWDsM3KxQ0tBF1
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2789
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_x...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 2789 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhyG58qKJjvcd9HO18aUknpfGJQrAF7sm0f44prMfvX8Ef4O41mxokNETI85ZSNTs_ma54
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame AD1F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f70a3c973f99e3eed2f2701a107958a41429a7891f2676326fb755b68c164452

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C466 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
582aa6fbe17462099284fca466d4d51776f9faa6e68f597c44082dff160014f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame CE17 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires
Thu, 23 Dec 2021 18:31:31 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2395466
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mo%2FX3En52URzIwPYA86vhqEl9J%2FrLOm04ZLjJ%2FG1pwuw9v1nxM8jSxzwkH3Gzj6OfIOjcSInv7NPD3X6QUP8boVWIU2sOZ%2BgEc1aT8HK2B9LGC8M3iB3CHSEdrSmdBuADVE5Uwk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2352ef680e0f56-MXP
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame F6E7 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hq5fbn8nm71atxkd8ks3k0n9wcv1q2meryyftnc8n59mgbvjb2dq3a0vs8zf2h408ngh9r9rvrpe5wq1a3033bgvbgay9ws3jf4ty8cw37z68phjsa7t34fg05t4vcsbmw62gwv0s229n333x28m912ch0wqx13xjb6egvqctg1mzjwh1ezmgavwkv3ys193gg8ejx3z285hb3fkx2n57jsv5k6en0s914gjcr6jerh5nqzqgz67fcd77fhcdcksvjsjnc4d9kdcy74ftzmj21xrz9vyy9bsjg5m5pzzzd2wvv8da0h2qcc5wtxbj51jpj0we4k0ab3sbp3dmrj6aa85zc9rm97184a9587mrdqtd6bwc2dxfbpb9bbx1c4ddzth8q1emm1dd88fgjzmd6zy1z3ezdc00tn9srk2s0reyzt154yw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hq5fbn8nm71atxkd8ks3k0n9wcv1q2meryyftnc8n59mgbvjb2dq3a0vs8zf2h408ngh9r9rvrpe5wq1a3033bgvbgay9ws3jf4ty8cw37z68phjsa7t34fg05t4vcsbmw62gwv0s229n333x28m912ch0wqx13xjb6egvqctg1mzjwh1ezmgavwkv3ys193gg8ejx3z285hb3fkx2n57jsv5k6en0s914gjcr6jerh5nqzqgz67fcd77fhcdcksvjsjnc4d9kdcy74ftzmj21xrz9vyy9bsjg5m5pzzzd2wvv8da0h2qcc5wtxbj51jpj0we4k0ab3sbp3dmrj6aa85zc9rm97184a9587mrdqtd6bwc2dxfbpb9bbx1c4ddzth8q1emm1dd88fgjzmd6zy1z3ezdc00tn9srk2s0reyzt154yw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695188
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2352ef781a0f56-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame F6E7 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hq5fbn8nm71atxkd8ks3k0n9wcv1q2meryyftnc8n59mgbvjb2dq3a0vs8zf2h408ngh9r9rvrpe5wq1a3033bgvbgay9ws3jf4ty8cw37z68phjsa7t34fg05t4vcsbmw62gwv0s229n333x28m912ch0wqx13xjb6egvqctg1mzjwh1ezmgavwkv3ys193gg8ejx3z285hb3fkx2n57jsv5k6en0s914gjcr6jerh5nqzqgz67fcd77fhcdcksvjsjnc4d9kdcy74ftzmj21xrz9vyy9bsjg5m5pzzzd2wvv8da0h2qcc5wtxbj51jpj0we4k0ab3sbp3dmrj6aa85zc9rm97184a9587mrdqtd6bwc2dxfbpb9bbx1c4ddzth8q1emm1dd88fgjzmd6zy1z3ezdc00tn9srk2s0reyzt154yw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9344
x-guploader-uploadid
ADPycdvct9lgBjn65AsNThnNOmywsZURvzdGcx1Yfei2yedHXlIa7dRt2-EjUUkon85Ifqq449wHNtW_AtkeW1PPqad3whXyvg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0%2Fy3bQguxT9N%2F6q24GMNU6BrJohN7ILHNj%2F5haOjF8uSor%2Fh99QLuVPxvAWKtEszUU6T8H7ZE2Ur07BeJZcCjpdFpSuWewYfigyEmlOOi%2FVHk12NPWTWDIMIS5Onts22kljB8s%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c2352ef781c0f56-MXP
expires
Thu, 23 Dec 2021 14:55:47 GMT
if
a4p.adpartner.pro/tracker/ Frame 2EE9 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c5c4b842-6cac-4d72-84bf-f168a1375ae6%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2225406d70-d341-4023-9358-0b7d5cd42c4a%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22782c3d48-43cc-415e-8b1a-797a115a52af%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 62FD 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c5c4b842-6cac-4d72-84bf-f168a1375ae6%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2225406d70-d341-4023-9358-0b7d5cd42c4a%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22782c3d48-43cc-415e-8b1a-797a115a52af%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
pixel
cm.g.doubleclick.net/ Frame DB5A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOSptyh3U8yNz4tvY_ubk5k&google_cver=1&google_push=AYg5qPLqOpAVsQbod3Xh2ZbVrUzkR1UEYNXjPyIF7P_-AecwsUF31YIqFI...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLqOpAVsQbod3Xh2ZbVrUzkR1UEYNXjPyIF7P_-AecwsUF31YIqFIQMZ1pCI9sDBEjrMP6LJcyHceD1HYOn-VJoe2U7e94IkLylJiVzWFcUW7U3o...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLqOpAVsQbod3Xh2ZbVrUzkR1UEYNXjPyIF7P_-AecwsUF31YIqFIQMZ1pCI9sDBEjrMP6LJcyHceD1HYOn-VJoe2U7e94IkLylJiVzWFcUW7U3o08pph3DIvLGPFh3wBn-GtQfUEaeLz47n1Xk2w&google_hm=OM8BTVHntGDYtSrlFwTDpQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLqOpAVsQbod3Xh2ZbVrUzkR1UEYNXjPyIF7P_-AecwsUF31YIqFIQMZ1pCI9sDBEjrMP6LJcyHceD1HYOn-VJoe2U7e94IkLylJiVzWFcUW7U3o08pph3DIvLGPFh3wBn-GtQfUEaeLz47n1Xk2w&google_hm=OM8BTVHntGDYtSrlFwTDpQ
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB5A
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKCIdXS78n7q82VKDQa_Wwk&google_cver=1&google_push=AYg5qPI9db3QR6isrJFcdWLbXSU8oEuc8om7tCA2yYmbUZCE7CqznjGpSwO7SHbLDZ0BuwjEstoqOws_-bDGwWeJC9dIOchWowbpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI9db3QR6isrJFcdWLbXSU8oEuc8om7tCA2yYmbUZCE7CqznjGpSwO7SHbLDZ0BuwjEstoqOws_-bDGwWeJC9dIOchWowbpQ--up854duJ8XfypxNUof4MWAKjR9ycp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI9db3QR6isrJFcdWLbXSU8oEuc8om7tCA2yYmbUZCE7CqznjGpSwO7SHbLDZ0BuwjEstoqOws_-bDGwWeJC9dIOchWowbpQ--up854duJ8XfypxNUof4MWAKjR9ycpmMdjJUAxLvE61K22RtD8VsM&google_hm=Q0FFU0VLQ0lkWFM3OG43cTgyVktEUWFfV3dr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI9db3QR6isrJFcdWLbXSU8oEuc8om7tCA2yYmbUZCE7CqznjGpSwO7SHbLDZ0BuwjEstoqOws_-bDGwWeJC9dIOchWowbpQ--up854duJ8XfypxNUof4MWAKjR9ycpmMdjJUAxLvE61K22RtD8VsM&google_hm=Q0FFU0VLQ0lkWFM3OG43cTgyVktEUWFfV3dr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame DB5A 		42 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPK_-1s3vMvGO6LRCvyoMYqDbpu4i4cfFmn1sLBq72vT_SIFDWhvf6iecdgvIUfevkRDPdjdZhup7TLH96APHEWqLEEh7qUmU6WpzV_ztUgkZeDeXE1vtHDCKvCyxlFNRQltOTi51N8vvUUhGn7Iwyo&google_gid=CAESEGL8ontCAFN8ROM6Y0EJYOs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
sync
odr.mookie1.com/t/v2/ Frame DB5A 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIAbBDHyR1yPBIYWr-ljGLY&google_push=AYg5qPJD1fMVASlxbKv-sib0v-4Uua8TXsFpnweAAsckXInnE6tigrpLtt8KxpyftISr6MssYNzUK_9F7r-nPORzzjbreNLhQwL9SL0uKsOpqUkXKVDeqFJbu6zYzevo2aay9AaiLtESr58AjljE-RcRQA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB5A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJxPGrHODS_wcRQCtkTQi52cIHkjSLUSQmFL0Im-hwzWTT3EdUKx3ZBXZWACTCOEs2SihH7qGsLqW2brPnRqi4tdAE-Ee-n_UtSSzo8_37ikRwUl4yC14JLPCOidIVSd_OVQ16Wd_eIgWYgJr5QtA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJxPGrHODS_wcRQCtkTQi52cIHkjSLUSQmFL0Im-hwzWTT3EdUKx3ZBXZWACTCOEs2SihH7qGsLqW2brPnRqi4tdAE-Ee-n_UtSSzo8_37ikRwUl4yC14JLPCOidIVSd_OVQ16Wd_eIgWYgJr5QtA
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame DB5A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAN7VnJU3pV81lFKAnJrUKI&google_cver=1&google_push=AYg5qPJM4UqgzQzaRlOpQ8MHdO1-uJimFt5fEFPDc5aZmRfKXeFH5EKMqvKZLSVthP-Vo6K9MLX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURjEtMVgtQ0xXNA==&google_push=AYg5qPJM4UqgzQzaRlOpQ8MHdO1-uJimFt5fEFPDc5aZmRfKXeFH5EKMqvKZLSVthP-Vo6K9MLX45wUGJv9C_9pdxGAgKs7zcLDHp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURjEtMVgtQ0xXNA==&google_push=AYg5qPJM4UqgzQzaRlOpQ8MHdO1-uJimFt5fEFPDc5aZmRfKXeFH5EKMqvKZLSVthP-Vo6K9MLX45wUGJv9C_9pdxGAgKs7zcLDHpcOV82PQc6ST5XWCdXlBXSlI3tYjQZ9R-reUZ3rnCsPAW8bFY_L14Ds
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJURjEtMVgtQ0xXNA==&google_push=AYg5qPJM4UqgzQzaRlOpQ8MHdO1-uJimFt5fEFPDc5aZmRfKXeFH5EKMqvKZLSVthP-Vo6K9MLX45wUGJv9C_9pdxGAgKs7zcLDHpcOV82PQc6ST5XWCdXlBXSlI3tYjQZ9R-reUZ3rnCsPAW8bFY_L14Ds
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
dot.gif
googlecm.hit.gemius.pl/ Frame DB5A
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAaAJ_IOYCTd_DGtl5rfYqg&google_cver=1&google_push=AYg5qPJnaOyBO4wf0cn_Jzde...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJnaOyBO4wf0cn_JzdeaAogV-4-EiwU8OWrauAOc_8EFy8V1VXDPsRCliR6-_7Axt9Mt53GxItfQ-mj21LD9kjQ7T1WJMy_eo3Hukt-GbDJit42MS0NJQ&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H2
Server
217.182.200.20 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm6.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Wed, 22 Dec 2021 17:31:31 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DB5A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJigek38PlEeRMPGUQX_flLCcdU0df5M1KXVZUeM-3DP2liY3A63SDoi1EGXRwdeWgcZP8tg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=570&idt=432&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QlrbSrtmDI&p=https%3A//newsyou.info&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
1564374.jpeg
img.adpartner.pro/1564/ Frame F167 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1564/1564374.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
e8e57e40e378e737e9282a9277113181f7732e6e318191b730f96cd98ba59d5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Wed, 17 Mar 2021 06:54:51 GMT
server
nginx
etag
"6051a7bb-da29"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
55849
1576063.jpeg
img.adpartner.pro/1576/ Frame F167 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1576/1576063.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
3e98125694d9931deddc26813896339026c50c64573e32a896c6e2ae6d8d4db0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 25 Mar 2021 10:25:48 GMT
server
nginx
etag
"605c652c-b9d0"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
47568
1700972.jpeg
img.adpartner.pro/1700/ Frame F167 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/1700/1700972.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
3c6026f564d0353e7a94d94a6b91a3e19c127b4170fb46da20056845fd9c36ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Sat, 26 Jun 2021 21:27:57 GMT
server
nginx
etag
"60d79bdd-d074"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
53364
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F167 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
532303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 13:39:48 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F167 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 04:11:53 GMT
x-content-type-options
nosniff
age
566378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 04:11:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BFA9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3756691587&adf=3092669988&pi=t.ma~as.5991095728&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=569&idt=380&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2515&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=py1lD3KKYQ&p=https%3A//newsyou.info&dtd=384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:31 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:31 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:31 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame E16D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=776914658&pi=t.ma~as.2767358249&w=610&lmt=1640280689&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689410&bpp=1&bdt=570&idt=305&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ghkOImtei9&p=https%3A//newsyou.info&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:31 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:31 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:31 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A2ED 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g2d19edekd8pddx46nhmbfwr29ptcq41b51gwqjn855xy3sywxcpvfznvhkzhv7w4gnh1a12qtz2t0x23ae37qzpajz6pprvpap3prfcs3pqhv4ttm3y06v4vyg3pms9g4kv56mjcqrh0ptpfvwb0kc7vbw1tey9eyk92gf5qp2p37zd20a4xrf7v2vjtj0v04vmrh70ekg6s6snhrwtmqahfbdx1sq965ttv9r9610zzwf9c6zqk8a24zakae9eac6bbkr2bw0pevj5cwsg4m1f9dq5fnpj4gd31a3ersgyjzs6v7hrbvyd32tmzgat4qp6dvnavz1b1ra2tm5c6k34y8jqa2k5mjdy8d6fqj4txa1mqqmk3597fw06taa3a4dvtd4ewn03007swt0zjze3pjvzd271syw0che90v2t82xhgz4y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g2d19edekd8pddx46nhmbfwr29ptcq41b51gwqjn855xy3sywxcpvfznvhkzhv7w4gnh1a12qtz2t0x23ae37qzpajz6pprvpap3prfcs3pqhv4ttm3y06v4vyg3pms9g4kv56mjcqrh0ptpfvwb0kc7vbw1tey9eyk92gf5qp2p37zd20a4xrf7v2vjtj0v04vmrh70ekg6s6snhrwtmqahfbdx1sq965ttv9r9610zzwf9c6zqk8a24zakae9eac6bbkr2bw0pevj5cwsg4m1f9dq5fnpj4gd31a3ersgyjzs6v7hrbvyd32tmzgat4qp6dvnavz1b1ra2tm5c6k34y8jqa2k5mjdy8d6fqj4txa1mqqmk3597fw06taa3a4dvtd4ewn03007swt0zjze3pjvzd271syw0che90v2t82xhgz4y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695188
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2352efa87d0f56-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame A2ED 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g2d19edekd8pddx46nhmbfwr29ptcq41b51gwqjn855xy3sywxcpvfznvhkzhv7w4gnh1a12qtz2t0x23ae37qzpajz6pprvpap3prfcs3pqhv4ttm3y06v4vyg3pms9g4kv56mjcqrh0ptpfvwb0kc7vbw1tey9eyk92gf5qp2p37zd20a4xrf7v2vjtj0v04vmrh70ekg6s6snhrwtmqahfbdx1sq965ttv9r9610zzwf9c6zqk8a24zakae9eac6bbkr2bw0pevj5cwsg4m1f9dq5fnpj4gd31a3ersgyjzs6v7hrbvyd32tmzgat4qp6dvnavz1b1ra2tm5c6k34y8jqa2k5mjdy8d6fqj4txa1mqqmk3597fw06taa3a4dvtd4ewn03007swt0zjze3pjvzd271syw0che90v2t82xhgz4y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9344
x-guploader-uploadid
ADPycdvct9lgBjn65AsNThnNOmywsZURvzdGcx1Yfei2yedHXlIa7dRt2-EjUUkon85Ifqq449wHNtW_AtkeW1PPqad3whXyvg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJty8yuYplSPnxi3h6eH7MrZ%2BJrcxfuuJPxnyGK2xq5yK43qnXpSaScnrikSRSeRwnw36uyWr49Z1QnCIec0mFGCeRAOoEf50Oe5fkMepjCbWzVfR1tni5hWV0fHghyro6MgFOk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c2352efa87f0f56-MXP
expires
Thu, 23 Dec 2021 14:55:47 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9920 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783005
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ4FG3GZlQPKuahl7BEsAoZSLtNs2aDQ0rrQ0DXVyRqQnPaMsez7Ie3O4LnDzKD41%2Fj%2FfsiaL85a%2BCWyYYtL75Y6ijnNqeKXFhGEIKhiT5kgHauXDx2GlC0rMag5HgS4Xaf%2B7O4kbQA7spNY7tspAXAg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c2352efc9ad5a07-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
pixel
cm.g.doubleclick.net/ Frame DCCE
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJoX7VOKoBHTzj0nczzmK6sD5ucK9u3la3GYVV...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWN3QUFCZkJ2TjFrUw&google_push=AYg5qPJoX7VOKoBHTzj0nczzmK6sD5ucK9u3la3GYVVh4-HFmle1qb6HSA5wTlZ1kQRrLyH2mPspwNhKVxNkZScdorvIUYSVDi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWN3QUFCZkJ2TjFrUw&google_push=AYg5qPJoX7VOKoBHTzj0nczzmK6sD5ucK9u3la3GYVVh4-HFmle1qb6HSA5wTlZ1kQRrLyH2mPspwNhKVxNkZScdorvIUYSVDiUVa1K7NuoC1t_zN5Fyi0ERcZ6BtouFQuPh_OZAmqHdJUNGo6lZKmBtIdE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWN3QUFCZkJ2TjFrUw&google_push=AYg5qPJoX7VOKoBHTzj0nczzmK6sD5ucK9u3la3GYVVh4-HFmle1qb6HSA5wTlZ1kQRrLyH2mPspwNhKVxNkZScdorvIUYSVDiUVa1K7NuoC1t_zN5Fyi0ERcZ6BtouFQuPh_OZAmqHdJUNGo6lZKmBtIdE
Date
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
Connection
keep-alive
Content-Length
446
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame DCCE
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEL6OYWbRn2UQxScjH5SNxh4&google_cver=1&google_push=AYg5qPI9OtofEc6iduwTAwzCiU20MZnbAzJ7a9XCBzTdWgy7LQnbZc1FJLiv2zqe8W561cL31QpT4sWFJ2xhwcjm_GcSSUTWpOOnH...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI9OtofEc6iduwTAwzCiU20MZnbAzJ7a9XCBzTdWgy7LQnbZc1FJLiv2zqe8W561cL31QpT4sWFJ2xhwcjm_GcSSUTWpOOnH3LDsQMuFhbzVYCDdrDJnc18GKA8A9It...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI9OtofEc6iduwTAwzCiU20MZnbAzJ7a9XCBzTdWgy7LQnbZc1FJLiv2zqe8W561cL31QpT4sWFJ2xhwcjm_GcSSUTWpOOnH3LDsQMuFhbzVYCDdrDJnc18GKA8A9ItvDvHs_MvRiIOJGdUodDX1TA&google_hm=Q0FFU0VMNk9ZV2JSbjJVUXhTY2pINVNOeGg0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI9OtofEc6iduwTAwzCiU20MZnbAzJ7a9XCBzTdWgy7LQnbZc1FJLiv2zqe8W561cL31QpT4sWFJ2xhwcjm_GcSSUTWpOOnH3LDsQMuFhbzVYCDdrDJnc18GKA8A9ItvDvHs_MvRiIOJGdUodDX1TA&google_hm=Q0FFU0VMNk9ZV2JSbjJVUXhTY2pINVNOeGg0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame DCCE 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOLAA1gUEzs1xdX0I-HsScE&google_push=AYg5qPIkyhOaReRgyUEtRZj_Zp64uzIIwtrhEch7Qtropolq0Txsgl15xQpr30OC9a6R8uKnhFVeoFWhc9fj-vkHKlNdf5r6an3tA56SQU6KlWc4cbUImuGfkgadoy4RC9t8U6f-XoEdDA9mUg-5NHkl1uM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame DCCE 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEF0jDMu0Tg9Qqs1rlQv365o&google_cver=1&google_push=AYg5qPJyA5HN1I4Rh41Yrnz2IRr14x6gCGSVdFsIAVcunPhxVrOafVki8kSH1O5aUFcvles923TrRlddRk98axVSNipxqfdL75Y-gQuSg_Jf7bLYS6Fo6oPBPEnL6md0DQ34ETIv2Tv6_IoZP6RSTbwdXiU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
jo3ins4pl64n2hp3eg71relg6dahikh8
pixel
cm.g.doubleclick.net/ Frame DCCE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJeE253Fp7GJon2wO9yH6swTso2gRNJtDQ8xdSkEtQZyvxGPpBUXp7m9UdiQ4W6K0FrJ29qN9kzI1VxBNuMUsfO3gzsERwRs6Ro4ry1doiQ99byaeseAtxZ4Jpknp8Q_5rF-Ja36aE8F4PWOOuDWC8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dn_HQgckS1ed1mF_2YDl7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJeE253Fp7GJon2wO9yH6swTso2gRNJtDQ8xdSkEtQZyvxGPpBUXp7m9UdiQ4W6K0FrJ29qN9kzI1VxBNuMUsfO3gzsERwRs6Ro4ry1doiQ99byaeseAtxZ4Jpknp8Q_5rF-Ja36aE8F4PWOOuDWC8
date
Thu, 23 Dec 2021 17:31:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame DCCE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAh...
0
0
dot.gif
googlecm.hit.gemius.pl/ Frame DCCE
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMlPEMTXR9vsvBIIzJCbrNg&google_cver=1&google_push=AYg5qPJc10RwSx3GOpuIMZe7...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJc10RwSx3GOpuIMZe7-tUsJIHAzlmHhknavJYyCazVV308yMR6ngP301QDazaT8puh02bu8mp61HScXsG0u6xJ0I9aALzS2n3JeG5FO_ffD-yWZs4EI-&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H2
Server
217.182.200.20 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm6.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Wed, 22 Dec 2021 17:31:31 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DCCE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQa9WVB4Mi_WIjNkiAa1ETaT0lNCqEaQIINCc9vURIMAtHVndNd0BqD6Ah6VyPKn2AVd5myA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280690&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689412&bpp=1&bdt=572&idt=743&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=svW9YB6Y1y&p=https%3A//newsyou.info&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 2D09 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1169373_a92fd42263.jpg
zn3.2xclick.ru/img/300x300/373/ Frame 2D09 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/373/1169373_a92fd42263.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
1b86d8c739c9f3e1ecfde56ea85f699ebeb53a6d576523828150c147bb11f54e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 29 Jul 2021 04:52:58 GMT
Server
nginx
ETag
"6102342a-5944"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
22852
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1153108_a465e98b7b.jpg
zn3.2xclick.ru/img/300x300/108/ Frame 2D09 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/108/1153108_a465e98b7b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Wed, 30 Jun 2021 12:48:05 GMT
Server
nginx
ETag
"60dc6805-4f9d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20381
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/300x300/658/ Frame 2D09 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/658/1246658_0b9d7dee25.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
55306872269e2f1b8b7df1b131017007577c4b4ae361f9c1e3cc0118e0e29b1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:32 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-6a0b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
27147
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnICY0OO_SnNAg==
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnICY0OO_SnNAg==&bounce=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnICY0OO_SnNAg==&bounce=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 23 Dec 2021 17:31:30 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnICY0OO_SnNAg==&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Thu, 23 Dec 2021 17:31:30 GMT
188CzdHEifbwxRCUHM8c
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/
Redirect Chain
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsnICY0OO_SnNAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/188CzdHEifbwxRCUHM8c
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/188CzdHEifbwxRCUHM8c
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/188CzdHEifbwxRCUHM8c
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx/1.19.0
content-length
0
AVoiAtcQcV0u4ugqbEZA1rQ
fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsnICY0OO_SnNAg==
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsnICY0OO_SnNAg==&tuid=-4405859626
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AVoiAtcQcV0u4ugqbEZA1rQ
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AVoiAtcQcV0u4ugqbEZA1rQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:35 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AVoiAtcQcV0u4ugqbEZA1rQ
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsnICY0OO_SnNAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
188CzdHEifbwxRCUHM8c
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/
Redirect Chain
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsnICY0OO_SnNAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/188CzdHEifbwxRCUHM8c
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/188CzdHEifbwxRCUHM8c
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/188CzdHEifbwxRCUHM8c
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx/1.19.0
content-length
0
0100007F72B2C4611C05104E02DF0F81
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsnICY0OO_SnNAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F72B2C4611C05104E02DF0F81
43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F72B2C4611C05104E02DF0F81
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F72B2C4611C05104E02DF0F81
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsnICY0OO_SnNAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
122
x-xss-protection
1; mode=block
expires
-1
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&tizer_id=212162&r=0.9469620514192247
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif; charset=windows-1251
frame.html
ad4m.at/ Frame 2EDF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires
Thu, 23 Dec 2021 18:31:31 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2395466
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd5%2FGZyfuTEtBP8sGFKtBvjFTfXmGmyLS5%2FfXOX3eGY6869%2F77AK5hFPmiqo3zghGVEKL0tTaxU%2FUkDMLZb4nAB4xGkUoaXnHdK5tcPkvN3%2FeUMvRO7k3u1W127JycF4f8XJFQw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2352eff91e0f56-MXP
content-encoding
br
informer
data.24smi.net/ 		1 KB
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280690&ptz=0&pl=en-US&object=13267&template_id=1281&num=2&ref=&output=json&chash=OymJBnPJUr&extids=&callback=__smiCb1640280689497
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.192.82.4 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
lw2070.ua-hosting.company
Software
nginx /
Resource Hash
0c7f61efc249846bb2895dcd28853631248d4cc08ab2e6339f9f32c3b82456e1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 10:03:58 GMT
x-content-type-options
nosniff
age
113253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 10:03:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 14:02:00 GMT
x-content-type-options
nosniff
age
185371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 14:02:00 GMT
pixel
cm.g.doubleclick.net/ Frame 80DF
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJl5Ws7K-NVYtIAmn88jpa0&google_cver=1&google_push=AYg5qPJ8EyV66IJkdFwIK-Wc0zA987iJz8ADU9rA1DBCFkWObP5W4VdEq6T-A7e4JKN8mkRGgV4HFWX6yyPlq3ofZEMNFCjTwo4N6...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ8EyV66IJkdFwIK-Wc0zA987iJz8ADU9rA1DBCFkWObP5W4VdEq6T-A7e4JKN8mkRGgV4HFWX6yyPlq3ofZEMNFCjTwo4N6ud8cgLfFYgO4gkraOI8YZklJWCTdRnV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ8EyV66IJkdFwIK-Wc0zA987iJz8ADU9rA1DBCFkWObP5W4VdEq6T-A7e4JKN8mkRGgV4HFWX6yyPlq3ofZEMNFCjTwo4N6ud8cgLfFYgO4gkraOI8YZklJWCTdRnVUzHjNxATSQuelmfsZqYg91E&google_hm=Q0FFU0VKbDVXczdLLU5WWXRJQW1uODhqcGEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ8EyV66IJkdFwIK-Wc0zA987iJz8ADU9rA1DBCFkWObP5W4VdEq6T-A7e4JKN8mkRGgV4HFWX6yyPlq3ofZEMNFCjTwo4N6ud8cgLfFYgO4gkraOI8YZklJWCTdRnVUzHjNxATSQuelmfsZqYg91E&google_hm=Q0FFU0VKbDVXczdLLU5WWXRJQW1uODhqcGEw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 80DF 		42 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLKiOGJLXSiONytkAjaJB_dab5Ag4MllCSBCYg1M8WAvjJ1X3elr3STETOmxyu7wSljPJZrQ6HGcxKT-YLqBikD_ONzqEJg5dkccedj4TdiESC67lsYETLarZ40oPkkFil5noq7Qod29NVmFErtVJY&google_gid=CAESEJ4qrh1Qws2RSN8sscePow4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame 80DF
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLwYM0_...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLwYM0_...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzEwMDAxMjY1OTIwMDI3Mw%3D%3D&google_push=AYg5qPLwYM0_n_Z9xllHY2sdCfe_aEYpnLE-kg0-GgtD_FP6LwnJLOOvKp3wiuysIL1VVd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzEwMDAxMjY1OTIwMDI3Mw%3D%3D&google_push=AYg5qPLwYM0_n_Z9xllHY2sdCfe_aEYpnLE-kg0-GgtD_FP6LwnJLOOvKp3wiuysIL1VVdOpKuAejgmJIF5F5CfQ_tTzmFBXN3wwm9y9aZMe4q1i99q83sPxSn-sU94U4kC-64H4eoOWEstONhVp3jy3Bgs
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzEwMDAxMjY1OTIwMDI3Mw%3D%3D&google_push=AYg5qPLwYM0_n_Z9xllHY2sdCfe_aEYpnLE-kg0-GgtD_FP6LwnJLOOvKp3wiuysIL1VVdOpKuAejgmJIF5F5CfQ_tTzmFBXN3wwm9y9aZMe4q1i99q83sPxSn-sU94U4kC-64H4eoOWEstONhVp3jy3Bgs
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 23 Dec 2021 17:31:31 GMT
sync
odr.mookie1.com/t/v2/ Frame 80DF 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHjF53ppr72Gq9D3IhIF50o&google_push=AYg5qPLZMuvm4KD89cvBlDHwbT_VWGt_pdKTax9fzGa_RNl1X2xkxz3CjiDwHzpLrYDBuxkQQJNb7n3Kj-P2uI_ZoDeDzJAavDxPqF9jYQv76xWhXVQtEMITip5HBpcgRNUSzLY-eRPdiTn6mHoo-Yg4dyA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 80DF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIkI_C4wv3wBLKCXQpEUPeQ&google_cver=1&google_push=AYg5qPKz4e6qZSmJ3BR3RgPp_HISjS6CQiGtzJrtG3o2TyalrGPK7qJ--0N7e0amGqNl83fmxI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJUSFYtTS0zWDdW&google_push=AYg5qPKz4e6qZSmJ3BR3RgPp_HISjS6CQiGtzJrtG3o2TyalrGPK7qJ--0N7e0amGqNl83fmxI5Ytj3Py3tfNIamMLeqhi5A6kb1BZA8E...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJUSFYtTS0zWDdW&google_push=AYg5qPKz4e6qZSmJ3BR3RgPp_HISjS6CQiGtzJrtG3o2TyalrGPK7qJ--0N7e0amGqNl83fmxI5Ytj3Py3tfNIamMLeqhi5A6kb1BZA8EaWChlaIXJxvT8zCrgZP79cy6n1IRjkbOqDLVeV_PeD5bHLrqxk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJUSFYtTS0zWDdW&google_push=AYg5qPKz4e6qZSmJ3BR3RgPp_HISjS6CQiGtzJrtG3o2TyalrGPK7qJ--0N7e0amGqNl83fmxI5Ytj3Py3tfNIamMLeqhi5A6kb1BZA8EaWChlaIXJxvT8zCrgZP79cy6n1IRjkbOqDLVeV_PeD5bHLrqxk
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
dot.gif
googlecm.hit.gemius.pl/ Frame 80DF
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJYk2lBHSTcckt1cexRiEKk&google_cver=1&google_push=AYg5qPKGc6Vsc0n0GrYluRAi...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKGc6Vsc0n0GrYluRAiUuYJWXcS1shQunAUgx6zsvG-25lrhGHJSgvcqDPdBV0nssmvdXSrGW5BQbVSdFjymlwJWM4kfa4CkkBpsdIvCugD5mvBQ31ttp&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H2
Server
217.182.200.20 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm6.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Wed, 22 Dec 2021 17:31:31 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 80DF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFtA7JmOQ0SvXk27hQP7EsKQjVv_XJn7S5uhCwRwQFH8oPWr2Z3OPuDoGJEAFVuCM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280689&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280689411&bpp=1&bdt=571&idt=534&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec210b25925b43f4-2226c60e0dcd0090%3AT%3D1640280689%3ART%3D1640280689%3AS%3DALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=3890625747124&frm=20&pv=1&ga_vid=1382827890.1640280690&ga_sid=1640280690&ga_hid=1894416176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2364838936529255&pem=924&tmod=18&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=rpumbTf4Iv&p=https%3A//newsyou.info&dtd=542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13978&f=2&ref=https%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d3d0cdfe519a741e15c2d98c860903b2b38f55cf48c4b3b5f2185e3b09cd7496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F6E7 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783005
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSDD8minesEOJbMba1HCn7Wt0q3ofJ822ZI0%2BzQ06vXLVpzwa14C6b7l378Eyj8snzu%2BKlc1WKZIhncN5hSfAYPZwImhqv6oaFQP2Ri6H%2Bw3rUcS%2FYfnKxb4Y9THdUjUauT0GxHZ3dfpgwH40mdYW6jm"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c2352f04b395a07-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A2ED 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783005
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1A4zXrTF%2B4hHi%2F1cV9qDvbRQMrSQP0VWO2Nr6gMUN8Zwq5igS1oavOR%2BR1Ye6gJRTdBVVnqsdbCDTsL29kbEoZeWEe1vevRzR5LmE6f8r6L0WPnhobBek%2F2O9WFxTa67Q%2F97n%2Bvl8A%2BTQ2TKBlB9cG6p"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c2352f06b915a07-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame F289 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires
Thu, 23 Dec 2021 18:31:31 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2395466
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8PSLM2wDWWd04TMQ%2BLqUMTmMiji9p6ugzAT%2BhWpZDL8jTbipPOdVyy%2B7%2FI2XFLmbKxU9F6oiAfXGLa%2BUWDMWgvflvF4Ca7TXMNgOJxCQsZ26eMTmyZfp3gxya1oCeJ2vFMPFUI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2352f07a170f56-MXP
content-encoding
br
internal
dmpprof.com/matching/ 		141 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=14&href=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&title=%D0%90%D0%B2%D1%81%D1%82%D1%80%D0%B0%D0%BB%D0%B8%D0%B9%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BB%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%81%D0%BF%D0%B0%D1%81%D1%82%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B5%D0%BB%D0%BA%D1%83%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D0%B2%20(%D0%A4%D0%9E%D0%A2%D0%9E)%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
77c3adb259b7ec837f08a09fa2f9fa0db31cfdab2ab0b1f8ce89a5796c669a72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
141
frame.html
ad4m.at/ Frame A6D9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires
Thu, 23 Dec 2021 18:31:31 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2395466
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBIh2p%2BYHBg7Ur%2FBvyfMuDX93cFZP7nXgjkBVLdcvCkN4Ht1iBiKNfAcq7D6WTHxJ40EDOYyFJ5oPP3TJbArsbIuvz%2FcbC4PTUyJFm3SoNZo2XKvEydnypHFx%2FCap4kbb8Kuij4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2352f08a510f56-MXP
content-encoding
br
22aa77b6ad1bc3afc9376e096d20e441.jpeg
img.servestatic.net/300_300/2/2/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/300_300/2/2/22aa77b6ad1bc3afc9376e096d20e441.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4679 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceaae9923dca5b17e98396a3ed20b875f581afe2aa92f7d01a01d03b393017c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
118145
cf-polished
qual=85, origFmt=jpeg, origSize=23754
content-disposition
inline; filename="22aa77b6ad1bc3afc9376e096d20e441.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11574
last-modified
Wed, 22 Dec 2021 07:53:44 GMT
server
cloudflare
etag
W/"61c2d988-ee46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv8DbLpNwpaTT0XRyZL386KiKi4wHicR2fL0x7gIymkyTzfMgPYxpXL1bUq850ynfnM3qF7tH9cohsKhxE6qJYSs%2BbPMy9zCu90FtJJOKOXp6ZiurQoyTY%2FvzNXcUV1y6N%2BV4VeJ3hh%2BM6x53sffjsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 18 Oct 2022 08:42:26 GMT
cache-control
max-age=25920000
accept-ranges
bytes
cf-ray
6c2352f11e192bd6-FRA
cf-bgj
imgq:85,h2pri
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-ztbd
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io58XBZyDTRNR6GWsRd75sXo6HmyyUaLOG2k86IpOH%2FrrxGaQwg3XhWIdwB%2FaT1CAzFBcFfwk%2BCn0S08KiC4IjTNwEBFmJsbG3XCWXvbfgO8AlED46wu8SC5wCbUzw1i36XgUkA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c2352f128ae0f5a-MXP
rs
ad4m.at/ Frame CC3B 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae16bee9c431d5b877d4cf223f954c678220ec0abd3506e2b14224ab26f3fa83

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c2352f179460f5a-MXP
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJ0M7AhTlwK1G%2FcLqL%2BeXLzV0W5Q9LIiX%2B43FLqRrS2t%2B9ET%2BZWrHhP2fp9t1eqUyFlFB79F3FGgbmqXsICFugvJWUoMePREA%2FR%2B4Z7qlK76nxrttyAc6R3u9eNwdgRpfzVk2yk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-ztbd
rs
ad4m.at/ Frame 9920 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a594538bb4d61b11243241a09f6220621d84489370e055fec96138e308f0db29

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c2352f189750f5a-MXP
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQVEPH5rrUPTSW2xm%2FXqY%2FM7hR0BSzDs66Afvri2oss8%2FSvSQ2j4EcgSyPJZlxuNcHyfUGhIjJoyBPetGXHVWLrqK0%2BGZtw%2FHGX3vOZy8%2BBpBGZYlVg3WpidVwxVDcNpf6q7xLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-ztbd
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-ztbd
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skZgQqkpF%2FFNRKsCnFsuoF8zdTMmXiPikw3eImLzIqnvuuRnuY5mClCJRlaEFgQLHHWBhPJb68Q1xHZecScvAV4toc0iNZlVeegN6JBfHchSfaLn9PPl7%2F6ubqucfrWRlD3AWbM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c2352f128ac0f5a-MXP
5a57d4127a78.js
www.instagram.com/static/bundles/es6/EmbedAsyncLogger.js/ Frame C32A 		2 KB
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedAsyncLogger.js/5a57d4127a78.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimple.js/a1ec507bb684.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31922f6bdaababf8e0e03e478c4a8b1fc394462d5a659effe7f32d01ee74d708

Request headers

Referer
https://www.instagram.com/p/BNG6WrSgjLA/embed/captioned/?cr=1&v=12&wp=716&rd=https%3A%2F%2Fwuzzup.ru&rp=%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov.html
Origin
https://www.instagram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 21:08:04 GMT
content-encoding
br
etag
"5a57d4127a78"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
697
priority
u=3,i
rs
ad4m.at/ Frame F6E7 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2204df4354c591cab7a5d3b933b7963b00fee63ab9d9bd8841b8899b4b8db0e5

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c2352f189850f5a-MXP
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xh%2Fm4RUNWcqYwu0wqjZUQJECKgoy261GGbEBUHxI8EOk9%2F%2FO1tGKrGQ2abt45PBjAeW%2FH7SamH6QIDS%2BwaqNPku3WfaI3TcCWJQ%2FdDxU0rtXiJIlM8ra1c0rjOnQIsb%2BL%2F8wog0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-ztbd
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-ztbd
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NROATZIw13uLHx7cwGPseJGp2uxIUZU7PkttVu0o7nC24Kh6%2FX66dysbz99TA071WwLLxPIPFPN3UknQj06tHonbUKzs9IGhxe0Iggf4hVv2REdyK%2Bx4G%2FDFrfyZMaxUVYeX8r0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c2352f138ca0f5a-MXP
rs
ad4m.at/ Frame A2ED 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea63b7ff6ea5067f38fcc1c184d1aa338ead7e05a5d8700099c0515ad7aaaa5

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c2352f1a9af0f5a-MXP
date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTXGei06tEGfmstcGDvpa9dMnB8yvzJMLAZv0a4Svby%2BogsmfRLgQAPzNhx3dJ6RFDrfN%2FjK0yuwjKdG6SCL8pJDjE%2FcyRmsnqYSWLfzDQEgvdrrVabcj5WIUg1rZ7RyVFWiBsg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-ztbd
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-ztbd
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MNGx2wbEmpTh1i4bWjOt4vhhV2OPRwHGzmEKbkE1Dc3hxKnd6AhUAnqzjRSODIVK%2Fkoaf%2F2APa4Ce0ErTmewCruvXGsQQWAfh9KDlsBgmDpfywjYYC5CkeXAIDt0Sihnmn5gzc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c2352f138e50f5a-MXP
/
vcmjf535tx.ru/json/ 		49 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vcmjf535tx.ru/json/?user_id=24c5a424-8818-4ea6-8e1e-65a6aa25daeb&site_id=7221&blocks=6944%2C610%2012512%2C300%208032%2C300
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a49ecc05f153263a91710b4e50cf77a9bdb2a859767845a557ca0f93c45ad0c5

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
gzip
x-adsbid-request
acf0ae9e2bac039e8c613454f5e98736
vary
Accept-Encoding
server
nginx/1.18.0
content-type
text/plain; charset=utf-8
demography
prodmp.ru/pclicks/ 		3 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newsyou.info
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 23 Dec 2021 17:31:31 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame AF26 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246215_a759d52860.jpg
zn3.2xclick.ru/img/400x400/215/ Frame AF26 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/215/1246215_a759d52860.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:32 GMT
Last-Modified
Wed, 22 Dec 2021 19:54:14 GMT
Server
nginx
ETag
"61c38266-6301"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/ 		0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnICY0OO_SnNAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 23 Dec 2021 17:31:30 GMT
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsnICY0OO_SnNAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsnICY0OO_SnNAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
104
x-xss-protection
1; mode=block
expires
-1
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&tizer_id=13978&r=0.26734931972677
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif; charset=windows-1251
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=10139&f=2&ref=https%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
07d994a7b5b9f4862fc868a3f05297a0bded27e370a121b3bedfbc5e2842a4af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
rar
as.ad4m.at/ad/ Frame 809C 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f19c66edf7895c612ae203a0d4171903c65085f6bc421dbf73dc3db5485eeb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g864nr26ng2exer8cpbbqn1w21b3q6qpbbzxta4rgsfxgpf3h08mzmfweyhzsqyh490xkvs8dfes7v63ep1h7bm3qdzcykgkge2zpe6qxh8tg0a8qkg6zapdkrtb1r5jb9fgr2z0z6y4pxs0zjmtk29gmqw1tmb460xa2tby2h9yh9cz1r3d041xc72xby5e69tyefyf4bsqyzegmx06kjkmhdkwbv22x60ahrghzxg5h1fpayqckc7x5wq8rbse7fa57y3n08g0yy7grgpjc92gnmfssmnfama7tncwkygx35wt55195zyn66j2ft3x6s33tmnkzgk0zrn6n78bxd6nd6nf9ckhv8prmc1cdfs1p8m6wh06q92fh183vg54g92q8nek6xttg6d3x1x411pgf5d5h4y949pcxk41jes88hnrph24&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2352f1cc8f0f56-MXP
content-encoding
br
enr
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&title=%D0%90%D0%B2%D1%81%D1%82%D1%80%D0%B0%D0%BB%D0%B8%D0%B9%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BB%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%81%D0%BF%D0%B0%D1%81%D1%82%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B5%D0%BB%D0%BA%D1%83%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D0%B2%20(%D0%A4%D0%9E%D0%A2%D0%9E)%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
rar
as.ad4m.at/ad/ Frame 1094 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24afe35f0ece022407bc8f2b736311b494d0a3ab1ecc5c22f8ac112ec59e3ad0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hq5fbn8nm71atxkd8ks3k0n9wcv1q2meryyftnc8n59mgbvjb2dq3a0vs8zf2h408ngh9r9rvrpe5wq1a3033bgvbgay9ws3jf4ty8cw37z68phjsa7t34fg05t4vcsbmw62gwv0s229n333x28m912ch0wqx13xjb6egvqctg1mzjwh1ezmgavwkv3ys193gg8ejx3z285hb3fkx2n57jsv5k6en0s914gjcr6jerh5nqzqgz67fcd77fhcdcksvjsjnc4d9kdcy74ftzmj21xrz9vyy9bsjg5m5pzzzd2wvv8da0h2qcc5wtxbj51jpj0we4k0ab3sbp3dmrj6aa85zc9rm97184a9587mrdqtd6bwc2dxfbpb9bbx1c4ddzth8q1emm1dd88fgjzmd6zy1z3ezdc00tn9srk2s0reyzt154yw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2352f1ece30f56-MXP
content-encoding
br
rar
as.ad4m.at/ad/ Frame A346 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6650ede810b8f9d3e300b3fc50347b96590fb002e03a8111919c10a898f9ab9b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gfn9k76kd74fcykvbrjww87mqr9y8pm103p1dpmwh341pcvpg18f9nax10c7t7kt2bygf84dv8r6wdp38wvygzeybdp486pxj5tw5pjfc36ys67a584bzm4bde9706b8agtpn1agwwsjq0st6a676srqzm4wd68a37x5dsrz1fsg6mfm9c0wfkpswd19gj21s0j30c2xw1k1acsd5z0w83wgj6hvrx7249mj331qh7w6h4zbcymk7dcsbmkt5p81f14jx96qcb05539qd1jtdh1bxqsbzjmd8r7ffnnw6b4d0zwrcskx84zr5m9tasbs1hwx9yrmrgdjhfx3zzfneatmdhmtx7emdf0sfjnk54hbjpej1n9fjjbs6079xhw5p3jav8sfpapjr74ae5nskq0xxchgfhjjgq8p598qfht2pw3vg9hp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2352f1fd080f56-MXP
content-encoding
br
rar
as.ad4m.at/ad/ Frame C238 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d65d6de0430a4dc3a6ec3d3df2692c9a50b4fb1000ef7cb6821c86e3f6ef35
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g2d19edekd8pddx46nhmbfwr29ptcq41b51gwqjn855xy3sywxcpvfznvhkzhv7w4gnh1a12qtz2t0x23ae37qzpajz6pprvpap3prfcs3pqhv4ttm3y06v4vyg3pms9g4kv56mjcqrh0ptpfvwb0kc7vbw1tey9eyk92gf5qp2p37zd20a4xrf7v2vjtj0v04vmrh70ekg6s6snhrwtmqahfbdx1sq965ttv9r9610zzwf9c6zqk8a24zakae9eac6bbkr2bw0pevj5cwsg4m1f9dq5fnpj4gd31a3ersgyjzs6v7hrbvyd32tmzgat4qp6dvnavz1b1ra2tm5c6k34y8jqa2k5mjdy8d6fqj4txa1mqqmk3597fw06taa3a4dvtd4ewn03007swt0zjze3pjvzd271syw0che90v2t82xhgz4y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2352f20d330f56-MXP
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 809C 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695188
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2352f23d970f56-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 809C 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231474
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yK%2BJ9rXK9LI%2F8Kg2hCG9eEdVelfD%2BbN6XgpPFbxhWR0Y6mU2lmzmOBlKyX3luBLnL5uUn0gA8t6FAADBeVxpVNJbdC8xDGMRceZRdQtG41BCicAmoaMgcvgRBWRchitoayHveCt57idjt2F6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c2352f248ea4327-FRA
cf-bgj
imgq:85,h2pri
26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
assets.ad4m.at/product_image/ Frame 809C 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=UIcfng==, md5=WdNWx4gdrvbwTy1Z36jlTw==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231507
cf-polished
qual=85, origFmt=jpeg, origSize=80186
x-guploader-uploadid
ADPycdvSUyMDA-llWwNsZftjYsU6J9nygTQqIxukqa5s2JRAcMhqdlifPyuEHsvN-sotD0zGT3yNNT25YF6ldgnTfGA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31900
last-modified
Wed, 10 Feb 2021 09:05:09 GMT
server
cloudflare
etag
"59d356c7881daef6f04f2d59dfa8e54f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKHkfev1aw9v3L1MVrYg6cwa5DjomXSjJIhff9cIei%2FsH7k5PWPDRaI37T6hf2mTJGOEpLa%2BE9tDfEFfIPe7hXZ%2BCShBkNugqlOUMTthzvr6wU8RL3IbZer2uBaHOzMIJHJP6r%2Bi%2BPLhbGSi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612947909004757
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
80186
accept-ranges
bytes
cf-ray
6c2352f238e64327-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 809C
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313160669259069X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112231831316066925...
43 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313160669259069X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313160669259069X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 809C 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231510
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiZI56Moc4yB%2FKtHlq8ibkOVLYDNulPOTsCwhApn9CYLTFdIJKVx3xD1aifCBtl8z4qwk9j0HZzFNkYrb17AH0GrdeHZnPustUMh80fe1ebdTV3hyH15kZ6W%2Fzw7xMg4yRwH7k9UiJL1Gvo%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c2352f248eb4327-FRA
cf-bgj
imgq:85,h2pri
4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
assets.ad4m.at/product_image/ Frame 809C 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=JbWtsw==, md5=JJTrR/gVHMvTHm8bHvL8+Q==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
671724
cf-polished
qual=85, origFmt=jpeg, origSize=136162
x-guploader-uploadid
ADPycdtNERnfRRso23rmRJZ4dWYSqdsT2TFIECrFx5eVFxpy6DcoJ-D0Lx5PUTG7YkWN_L41OWvOmRbP0ulaDKepLDQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19842
last-modified
Thu, 21 Oct 2021 09:14:42 GMT
server
cloudflare
etag
"2494eb47f8151ccbd31e6f1b1ef2fcf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMot%2F%2FQxDH7p77cF3Cpb9L78Kid0rQpqOu%2FgfSGCIr4ykLGk5%2FdVClp6mYG1YX4ijHZZQFIZQWLvSlHbgmo8CqVrcSBgXcvIpL9dug2gUDjtojpuotFPqtV13C9N8TGaDN%2Fkw4J6b0xG%2Bp69"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634807682206403
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136162
accept-ranges
bytes
cf-ray
6c2352f248ec4327-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame 809C
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122318313160669259053X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211223183131606692590...
43 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313160669259053X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313160669259053X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 809C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231478
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsBhB4SVbJUId60_2wHZUuWtHjLMoe6bTHlFfyjCEmZdEXkw_UjuYWIUZ_IKN87qb1Urx01sOoLtw5CjdqWHx0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXJpE56506RtZbgx8oZt8b8rip3EWPCVLljsNYuwRvyyK%2F7%2BzdYVKXurNqHdb9kCL2gpXsgZNI%2BHuQTRoO3Ch8%2BTQHG7LFPm1cO7Ux2jaRlB1Gj1QCxrqWJ64v8oaGSpD6hFaRrGUtbN0G3N"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c2352f248f34327-FRA
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame 809C 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231479
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdu670Rk0ISPcs7txQwGYIL1NvXNwFkHaqljLnngC8hZQe9GoRcQBXOqPMxMUAPKD1P6hyAQ8mreDGPEoxRJxgs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxowqGF3zn0EOrzBe6l%2B5oszD0UQJxsFqf2%2Fg7O2KD9h%2F4j4CgDVS1oP9NbY9j3ALRMsW214iCppo52GZ7HISObhxf1lIFMn8w%2BfDUX%2BelaQ4VTHhkmr3Hor4FIRGIlsW1uCc9ARlaV5bBh4"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c2352f248ef4327-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 1094 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695188
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2352f24db00f56-MXP
cf-bgj
minify
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 1094 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=KCmbHg==, md5=qo//b2x9KW8DnVvNoA1SVw==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231482
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdscMzT355gfSvVKa315d6JuOfUPL6dDnmcmdLYNl3QtMdasAETU7zoG7Y-WnSZ9SmEzicp006oUhvL1oSLYURw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4642
last-modified
Fri, 22 Oct 2021 09:58:13 GMT
server
cloudflare
etag
"aa8fff6f6c7d296f039d5bcda00d5257"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHyvXYxoTgb7N6zi%2Bl%2Fcl2GBqJWdFQvJV88tHOEOOLU4Q5Y%2FCgtabDAcaNIfRfduPgQA9GjNYgQ0KQY8iohw18%2Bxg07K01z%2BhMNqTHFQzgLULHM%2F39WksZAFNlpEewhUMQagwZSIiqVDPEEt"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634896693300485
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6c2352f248f54327-FRA
cf-bgj
imgq:85,h2pri
FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame 1094 		359 KB
360 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=lmXgQw==, md5=1xHkv3KBHo5uf1DGNNz2kA==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231511
cf-polished
origFmt=png, origSize=565110
x-guploader-uploadid
ADPycdttGuPH0tGGsTzYzi_HZa0bkyncq1FKkCr_SkQDpyipLH002gMAgRRybUjqDFImnL9tF1IG4uybLuB5BTz5CdffakzVVA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
367856
last-modified
Fri, 22 Oct 2021 10:16:19 GMT
server
cloudflare
etag
"d711e4bf72811e8e6e7f50c634dcf690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upblfb1nQEDryfsPqDTklc6QRSTOYb6QoHAS2gSD3D7LPI00DU7AEDhuHwE8GFPAmn496PVHP%2F%2FjeptJmitPxR335QttKKHroMCz4zvLfhbLgGBgCgCmaHAGEqqGIoxc1jQ40YGfHIH0ahXd"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634897779481391
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
565110
accept-ranges
bytes
cf-ray
6c2352f248f64327-FRA
cf-bgj
imgq:85,h2pri
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 1094 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231505
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdtWwmpW-PaJZY0dnkd822pnNX7k033JfgoXtkmRFgGuoCCXv2tAkXIxzUQtlPattvQmzbd6P4gadkbwRoFHXWk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGFN3SiaUgOk8Yz3HwghPgMxeVxiMw15hIBTwA9oe6jRH3qadY%2BdLZDdNTMxF%2B4ptyF4bh2Ms1F3kFw%2FnP3T8OB%2FJ0Nk4z6XQgnwIS6kJsZ06hB1dqC47CNwuzD1Bqr8CCYVYmLDOylgTm9x"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
6c2352f248f84327-FRA
cf-bgj
imgq:85,h2pri
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 1094 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231476
cf-polished
qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid
ADPycdsWB5R6JT8KFI73K-5pbHz71XTrTom3cDic91AUNFl3nPo-E9eQCrjD4yBUmGUlgEwxZ-xNhgVcPSX_hJpwYzU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30226
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKJdrIKEISMLtU%2FWq0F%2FhviKwu7peNFIrP8e0nSFkX47%2FeD8K4Q1iuabtufpypUViWd%2FMDHP0UTLiox9nN4w7tJjazef1FgQyx%2Fk5bY8Imu05tYBMIkjmZEKBk10OQ%2BfP2cnwixZ1B%2FasZ4O"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586422222365290
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
81547
accept-ranges
bytes
cf-ray
6c2352f248fa4327-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 1094
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJru0t-5-vQCFW_vuwgdLDwIsQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRot...
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280691_2b1f9170-6416-11ec-aa5f-2261f8d01a34
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280691_2b1f9170-6416-11ec-aa5f-2261f8d01a34
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280691_2b1f9170-6416-11ec-aa5f-2261f8d01a34
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
5404B18EC3C42814EC55ECCDAC94D540D07E28DC37C9B2BFAB5ACD0D732F3D3007B5B05DBBEC85F426804F85EE3DC1BB4334F2E31FDEB997FF3BDB393C20025F
assets.ad4m.at/logo/ Frame 1094 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5404B18EC3C42814EC55ECCDAC94D540D07E28DC37C9B2BFAB5ACD0D732F3D3007B5B05DBBEC85F426804F85EE3DC1BB4334F2E31FDEB997FF3BDB393C20025F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c2021bdac59d8348ce96f8eda3d24c9d1d99d6c60f63e020c6567e39078d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=/Q/6tg==, md5=wyA5XaMHHJmGLFy2SnfRig==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231506
cf-polished
origFmt=png, origSize=29675
x-guploader-uploadid
ADPycdsmFjfCjDxNw9V-boqB6FitOxRABzpI0ASd-q5evxceu6ld2zjQQa0lvdZ6k4MfCs-bD36Lxm1fKOdoxa4PmWnpEMHeTA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11084
last-modified
Mon, 11 May 2020 08:26:17 GMT
server
cloudflare
etag
"c320395da3071c99862c5cb64a77d18a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LN5uxJK0%2FboBPgFgaHxtR1Fo8tQvAC6zLworTzL28ny6IeeCiHavMbMW4GAdksZSjQL4pxSPLNDSzkUitYL93PMfbwERFHFQOTPArOPiOniR3VHQoYXI0QIWe2UFpAGavl%2F0UAVmuQWA3%2F9O"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589185577639472
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29675
accept-ranges
bytes
cf-ray
6c2352f249014327-FRA
cf-bgj
imgq:85,h2pri
9AE8F63960E59AEBA7C87D6EC1BCB3F76BB15CBF908C84DAC0430D19E4DCF95A0C6FDF609CFF5E20F0EC3E37D1C1616A2D3D74BDC25D3D6E4B606E1E2C4F2181
assets.ad4m.at/product_image/ Frame 1094 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9AE8F63960E59AEBA7C87D6EC1BCB3F76BB15CBF908C84DAC0430D19E4DCF95A0C6FDF609CFF5E20F0EC3E37D1C1616A2D3D74BDC25D3D6E4B606E1E2C4F2181
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6f4107b5a29a1b3d1e0fb085191dcd7d8bb9497ae061d1e1304abd20891f86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1Hb8/w==, md5=hZxXU1RAQV3ntT4Wegq49A==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231503
cf-polished
origFmt=png, origSize=491451
x-guploader-uploadid
ADPycdv0e36FsQkZoBK2yex_tamgC8JE6CG6cJcc4y3xIllzIs84o9X7Vzqt5dZBlXf5PfsuA31PBWF9ANQ5Mebjj2ELRimHbA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
310322
last-modified
Wed, 15 Dec 2021 16:19:29 GMT
server
cloudflare
etag
"859c57535440415de7b53e167a0ab8f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDT78dyY%2FOSjBzgaJBhrfmDKZ5nETMbBZVHnWansoxsPAZIKUlcPWpOqq%2F%2FhMHf1QHeYM9wIwJnrULSSgngjgNFX0Ra%2B0PRVexnCRI2PyyZPqCgQXj6fyfjky9%2FrBXJssZvE%2FBrePd1F1F2e"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639585169260253
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
491451
accept-ranges
bytes
cf-ray
6c2352f249024327-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 1094 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2471479&v=10679&q=372055&r=412871&pv=1&pref3=&pv=1&pref3=oneid4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUKoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A346 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695188
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2352f25dd60f56-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A346 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231474
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HFvYppNH5LdXlut2XsXq2eZLuorwGF0tRGCrvdal8CxvOxWnwi%2BkvpcWah2BSEkA660MhQCHjUqDp7%2B3DERIRI5knMNPCJvOVz3E7zSBdDTM6jIY0hXZctRCIGypcmrSiRXcPuKBZt7AMQq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c2352f259254327-FRA
cf-bgj
imgq:85,h2pri
26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
assets.ad4m.at/product_image/ Frame A346 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=UIcfng==, md5=WdNWx4gdrvbwTy1Z36jlTw==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231507
cf-polished
qual=85, origFmt=jpeg, origSize=80186
x-guploader-uploadid
ADPycdvSUyMDA-llWwNsZftjYsU6J9nygTQqIxukqa5s2JRAcMhqdlifPyuEHsvN-sotD0zGT3yNNT25YF6ldgnTfGA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31900
last-modified
Wed, 10 Feb 2021 09:05:09 GMT
server
cloudflare
etag
"59d356c7881daef6f04f2d59dfa8e54f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKDt4P46jFnfpWM87onY52G1k5pPpjePh2LZ%2FmQCiHFS02X6LiYU7Er%2FbGnrbWIPEjOe%2FuMp2czA8x1NlThIo0XCmKwjysOhkPRbdH8ltbDIqTLwjEDZSEdkfGV4%2Bp1LcXhJQEqRGbZFZFbN"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612947909004757
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
80186
accept-ranges
bytes
cf-ray
6c2352f269364327-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame A346
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122318313160669259059X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-o...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112231831316066925...
43 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313160669259059X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313160669259059X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame A346 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
671407
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdsUFgYazyzmNe7KiA2paXkbc7-_LPoUCNJXK9BEiL3qS4ncYVZmhHRIY7fobeXko0l5dtSvekLyMpJ9VfgiaxpUlPRTGQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsymg9uzamFO45y5RK3l6xhEaCNiZCUl16jJlYUrCqn28Nv8FPga%2FeKwx7djq5kJRBC%2Fu5v34m9Ttf1i7aMlk5UKf31waemBpjc4XMrsZ658syesI06anmmPwpkqcB5E48DCYnpxIE94zVjN"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c2352f26dee0f56-MXP
cf-bgj
imgq:85,h2pri
109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
assets.ad4m.at/product_image/ Frame A346 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=HwscaQ==, md5=QEKMkuOfQyYKQIg2TmID3Q==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1209851
cf-polished
qual=85, origFmt=jpeg, origSize=109711
x-guploader-uploadid
ADPycdtKrJfuepi_ZUHXK5JSj0tMmXlPnUwrEmcj8O798BxDpNQBUxNSBqak6K-kAfCPkWNpM2kp-UZH8ukx3wLRiuk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20822
last-modified
Thu, 21 Oct 2021 08:32:12 GMT
server
cloudflare
etag
"40428c92e39f43260a4088364e6203dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45bVCNS6gDUzctSJvyFV6yAk3GuCAWGhs%2FMm26pSTjb%2BdAzntU6jhJL%2BqggDKYUETlMvIYSr6b1IMBYFRPXuNulsHTAChEKPraO7dlTotKvHG014a%2BShX8pfWTD6gGmd4IsC8jhcrRFGvN0w"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634805132458381
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
109711
accept-ranges
bytes
cf-ray
6c2352f26df40f56-MXP
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame A346
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122318313160669259061X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211223183131606692590...
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313160669259061X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313160669259061X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame A346 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
668565
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdtZXoJWVcDOmJhexd4zD5TLAhCGbVCyYU0Fq0S1zw3JE0qAXsDDRs-L5vLqV1218MXi7RPVXXgRCYl6gYou3bw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0Y3MIoctk6160NFviI1WtBKRLPnXrUeMW1JRUjKtKinahA38XA%2Bn2XB%2FIz5eSJXNtf2Rw%2FOFFAbFFmsjEl5TtQzmGgX6GI2o5QO%2Fl4fYa82dZ7WF0quUJ6rmGyeF8p2Z%2FkJRYNxEuuSn1cj"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c2352f26df60f56-MXP
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame A346 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
669482
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdt9d3_o1BiAiYrFIQ-klXsDU5vQrzeK0TmxSz8dj57mJV5Pp7Y6FyXHbTvyy_m4raXJcpsk2FOQnGi0D8XMHfk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IyTwPTes9Ym2S2%2FLfAyBUKqep043MYhEm%2F5%2Bc%2FzfFS3xa3ju7n4TqTAbSZ1wpOtFw1nvsdl4fv%2FWIUIe%2BVPwt4IyEfW8PTTkGx8X24SgbJakXJ2ARNhM%2FKm7UPN1FMklHmqVGeNV3gjdpME"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c2352f26dfc0f56-MXP
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 809C 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
15d718acf029bd29c3a46d693356d06513006ea14a0cc71bb3e72277562bdf45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1481
Expires
Mon, 26 Jul 1997 05:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame C238 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695188
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c2352f2ded30f56-MXP
cf-bgj
minify
5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame C238 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=hBHCMA==, md5=23TE0/JCZhnuq3Ni+PjppA==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
670682
cf-polished
origFmt=png, origSize=12441
x-guploader-uploadid
ADPycdtpFcKvemnka3W3fX7WPgZJyjRrUZ04WJf861g1cwsCc88I5eoB__-LEv5knqRvYWa9M6J8ACAEPNnboRof3ireNgtiww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5676
last-modified
Wed, 22 Jan 2020 13:02:46 GMT
server
cloudflare
etag
"db74c4d3f2426619eeab7362f8f8e9a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97I9H1hjlGwfM%2BjTDAjdgwCaLcEQwTOjsphIoSA4S5Os4C1vBwJpLHRBfI2I%2FOd3agxrRdTTGzMzKwVk6a41eqKhD51q2b%2FUvHulyMlx6OVRmakOBIjlNZpFUOGtUUBSI5bxXmOQWOu8ihBd"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698166841638
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12441
accept-ranges
bytes
cf-ray
6c2352f2ded50f56-MXP
cf-bgj
imgq:85,h2pri
9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame C238 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=limNHA==, md5=mmc1zohzhBG1IcVyR5glog==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
673480
cf-polished
qual=85, origFmt=jpeg, origSize=98417
x-guploader-uploadid
ADPycdvRYpFbtnKrvEWg9wHt6upqNQh1pqfUwHA8766Zvoivqjg1dvt7F2mTWfDZfnN5b4IPdP1k0gCgLWsjzN9Qxthe7k9SBA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38376
last-modified
Tue, 30 Jun 2020 10:59:41 GMT
server
cloudflare
etag
"9a6735ce88738411b521c572479825a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kg%2BR5RIvDPoGA8ZihD%2B5nz9Ky39Ot0BnRyjhm2nIGImtICKuaM77uf4rE3lgeegEJqC0wmMdGmJXmBqTLzdWJKJZJlSN5knAS9cHJ8lBv2WkFowdzm%2FsNPUi9uvja3jdnZut9QrnU3jNZrCq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593514781204583
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
98417
accept-ranges
bytes
cf-ray
6c2352f2ded80f56-MXP
cf-bgj
imgq:85,h2pri
view
t.adcell.com/p/ Frame C238 		42 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneidqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
strict-transport-security
max-age=15768000
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame C238 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
674620
cf-polished
origFmt=png, origSize=74333
x-guploader-uploadid
ADPycduRJZhUgfe463owbkCa3XbTIrEG5kUUjNgH97UiqqsNNTebDI6Q6lF9zSqLHFCUkno9LwHHHx_mA3yKZI9wuxc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
47320
last-modified
Mon, 11 May 2020 10:44:44 GMT
server
cloudflare
etag
"51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nTg7tgyTrLwFLgS6HtPACnWGhg7J7ICgd5RPf5FL5Nmlr2UWLV5xx1SKKw3Z%2BPkdDS%2BWHiYoa3oI9RdfgbLHIrnLKjdeX7U31jV0YKZCfPSKMcXnonUxt2tuy4uE%2FEYGMEDZbkRXU7P2ghh"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589193884048730
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
74333
accept-ranges
bytes
cf-ray
6c2352f2dedc0f56-MXP
cf-bgj
imgq:85,h2pri
E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame C238 		290 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1207248
cf-polished
origFmt=png, origSize=489686
x-guploader-uploadid
ADPycdvYHcokOdzY_QZ1-Ni4gJtOczNh9PBXbWJDwuIKDgtC7kdT7cBp-RlaXaMok0rPDXVLJuuBE9u2kxof5mjFQ9I
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
296674
last-modified
Tue, 17 Nov 2020 11:24:27 GMT
server
cloudflare
etag
"e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdfE6r0VkcCmxAusYG80ed2GOYLJUrQ6h970MsXNe1QcC2Wozq8SV7Oc%2FFxwjDlICQRdHrgn8wFkxoApyhKPEBe8a5GjJMqWkknpyhEkjHheVKi9CH8597EJGPjwknrBicU2WxXMJMkikktg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605612267020757
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
489686
accept-ranges
bytes
cf-ray
6c2352f2dedd0f56-MXP
cf-bgj
imgq:85,h2pri
D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame C238 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2675947
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdsa2xFexsYpQM8jg7aelutTlc-8oLwgd4rkJ9fP3anVWW9Ud0eOd2NE8nCkTcmPXpZFn3fBhx12-bUTfjPIUd08AHv6sA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6390
last-modified
Wed, 18 Aug 2021 10:34:33 GMT
server
cloudflare
etag
"26c84ef9c719f5cf615a799a8667d2e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNRkRRguW7scKoI6K5Hv8c0EWCu00kYLZncmVWTRa56aJETb1O3rAn9zP8gXDRfzRHv25VUPv4pcyIzzkTnpkUSHjyWih6y4svRBP4sBRDQzSZ%2F5Ive582Xeb%2B8CP7vGACaxAXGpNR5onZ%2F7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1629282873725600
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6c2352f2dede0f56-MXP
cf-bgj
imgq:85,h2pri
8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame C238 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1205246
cf-polished
qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid
ADPycdtzNuDXEixYdJ9E5w2tLB9g3omTKcRa1U9xWoLkO6eKSYiDZSR0Yle1JxejynyGuj3vLmOTvTHS2HfDyYbgUOc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28448
last-modified
Tue, 03 Aug 2021 12:47:14 GMT
server
cloudflare
etag
"6d92776609fcae3d35627b3987f9b1e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLUqerdBRhYEoC3NtXgi919PUsR6erjihl2MGgX5mZWP0X3Il1acTHdMorALVW%2Bxtd3BncdMS6DXT%2BwA1i3lprTs16mupXuz7ZwRB9mMkaQu3b6dYUwUMs%2B1SE1MXu7Zg3WJRahK%2BsGLrBC1"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1627994834652806
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
82379
accept-ranges
bytes
cf-ray
6c2352f2dee10f56-MXP
cf-bgj
imgq:85,h2pri
tsv
neso.r.niwepa.com/ts/i5542019/ Frame C238 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneid5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.187.117.15 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
15.117.187.35.bc.googleusercontent.com
Software
nginx/1.13.9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx/1.13.9
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
internal
dmpprof.com/matching/ 		140 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=14&href=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&title=%D0%90%D0%B2%D1%81%D1%82%D1%80%D0%B0%D0%BB%D0%B8%D0%B9%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BB%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%81%D0%BF%D0%B0%D1%81%D1%82%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B5%D0%BB%D0%BA%D1%83%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D0%B2%20(%D0%A4%D0%9E%D0%A2%D0%9E)%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ed0b2c57fb48529e74ca3a15d008d2e9b478c42fe41600fb31393befbd5204dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
140
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:29:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:31 GMT
css
fonts.googleapis.com/ 		3 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:51:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:31 GMT
link.html
track.webgains.com/ Frame 1094 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766801&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1km6fzc7p52z6y77fwk3zem151eqbvc1eh04qwevjmdv9b72eh1esj8gscdmmp5z588mjjcqz39dpz3r9xyjssmjew1fp6p4nderm4f9a7zwgt9190qmxzhzy2xeqf9e07tcdwyvys8bt9h8j42t7v0ya0ermxr9k13fb9jarc39z32gjqaszzatns02nx8hp54v9mvv9nfectz4gnnkw66cjx55ae4133xv2h41arjgqy3k6v3dvyxxf17wgv0bprqxq41kwtvhcfy9b1we3bg4sfysfjnf48rxaasjyjcs55r2983smpftw8%26a%3D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4d663bccb358a9d9b1889d6d78b0ebb3c6f7f7297b310d4d44b8fd27e3afdd57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1471
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame A346 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C161594%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=ead300b21e0cdd60de47efea28207808%2F2722316974335640299&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691472&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvxvpsta3p0maryn41gf7g270rs2xz6h3dag6zwtrcbvkpyfdjnx1rr214qw0d0vdjcym1640p0ptc9nbn3pm9fnxgfgc3wqvw5vmrfeqhx4x0t9et214jmys91sqn2qkjbn2nkq64myd7g4y0t9kxbjk5q32jk21gm1kjfzxtc88kmdzw6ezgttaxycgxppyj4wh6az2hzqsg3742vmsxapetv7aj7e621f46apy0b4f633m4hpa7r960x9cs9qq6rm481fp1cyz4krkpg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4GODcbLEYZLKOaKtngX39ZagD5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK-hreN_fayPqgDAaoE_AFP0ONYyvmn8cNDNEyX3SRuwceznu5WW7cf2q--uXGtNZyghCFlogJVeBPeOzo-8VZ6hLdY9QSr31YTcW6W8nnS5Z_iHF1OO96jrXnCoMBt0atwW0tEWARRBzmDL9ImMKzMyFT58CS2-uRx8QpZTWazYdd1Qkiqe0EiR61mOQ9FYN660GQcHtqUZbhhfHSYH2vlhBm3eVXt7QWSa1PQx_yczX7-sDBGG5mG6v62GE3iYfMqUZuJbSaT6R9bU8NIaPX47wPEbxjMB6M7b9TfOXkIC_2pzQTQrtE1jeS7S4RqTouMQgyBRv_jrgV5DO10ROrg1-UH1XlL9_CP5GKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_12tg316sP_MRYsiFwQcRp2FXqQ6w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
26a261af9bd49b78821bcf7c527ce2e3e2cfc1ad9edc75d40372668e26b63dbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1481
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
c.mgid.com/pv/ 		0
69 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1640280691739777839501&uniqId=0c6fd&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov-foto%20&lu=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&sessionId=61c4b274-04df5&pageView=1&pvid=17de859141b875e785a&site=413933&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c2352f37bf42b59-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
link.html
track.webgains.com/ Frame C238 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jcgfabdnctzg5cwdss87kkwhdk1wvywqw35ndmk3b3ts21de6cr6f9a2r0txym3kxr9tk9d5kw64qtjk6vxj62hv6qzzt5w0t0k1gj9z9fjc0qstanryr4c1276wxpxx6yj1v35ndkcsrys3fht8sg9yw1d423s379cyzcy543033tx02cypmxww9er0zmh85jxweqs8030mtz05vjczj1pqavy0atkt5069yagbdz1af8jfvm9damwfwqx2j9vn3503az1x1637ag9rr3azgk0f0wjzsyhmfvtfmetmx8wkpz9tff7fqcq%26a%3D&clickref=oneidVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
adc5388e0bc37ecebea45b7d45e1a62eeb1bc46e796432f78efb188d85457cb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1475
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame A800 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246879_2abcc89321.jpg
zn3.2xclick.ru/img/400x400/879/ Frame A800 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/879/1246879_2abcc89321.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d18621f7385067fcfd7ddf9af42da75c9026a0d74be6db9580f5fbe6bf73dbce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:32 GMT
Last-Modified
Thu, 23 Dec 2021 16:27:43 GMT
Server
nginx
ETag
"61c4a37f-429f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17055
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1244709_699db3740c.jpg
zn3.2xclick.ru/img/400x400/709/ Frame A800 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/709/1244709_699db3740c.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3ef2df70fb969b54f937f8840677fd07fb06e6d1438418ef7132e48c9464ab7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:32 GMT
Last-Modified
Mon, 20 Dec 2021 16:02:51 GMT
Server
nginx
ETag
"61c0a92b-90ee"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
37102
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/ 		0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsnICY0OO_SnNAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
last-modified
Thu, 23 Dec 2021 17:31:30 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 23 Dec 2021 17:31:30 GMT
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsnICY0OO_SnNAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsnICY0OO_SnNAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:25 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
125
x-xss-protection
1; mode=block
expires
-1
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&tizer_id=10139&r=0.2629664553163875
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx
content-type
image/gif; charset=windows-1251
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
br
cf-cache-status
HIT
age
5352
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c2352f3ecf92b59-FRA
expires
Fri, 24 Dec 2021 17:31:31 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
br
cf-cache-status
HIT
age
5373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c2352f3fcff2b59-FRA
expires
Fri, 24 Dec 2021 17:31:31 GMT
pvClk.min.js
analytics.webgains.io/ Frame 809C 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
110487
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 04:28:20 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
60l_sU8f2OLxofTy5AlDALjzT_vnD8yFibYKs1AvgJi_tF8TnPJtKA==
link.html
track.webgains.com/ Frame 809C 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidk2BF5f8jMSJezcbCwHetBtkYwSkTjTpGKaRoneid__asuidoCUmw9cQJbp6I3Y2sywKpMClPno1DNftasuid__suite_Mweb_Netmix_Reach103_TopRotaMonth&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19877%2C37798%2C43784&b=Y2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr%2CR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=qGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3%2CQpKH4fdjUVpVhxH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CV&g=6bb4913a6a27da51636a1553f12e4c3d%2F17334302417747899892&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691458&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2p64tjf0cyqzm80gkanx5rmsq8gedw1r5s0p5m2v8fcggv4pnvttcjse8cd44fcgyetvdnmvv5z3qm317kced1pgqzb6eh561f6m1nxrmdzsa9a0r90eevmjya0h921nb620fs2wa1hh410w8ghr8x4bp68eafsze6t0b4vpsypy5w1bmcjf6pyb0zv2g5bg1x7wj574sfh46vrwkzybedk7vtewqnpy7rx900m1wza3ts4q59275hr0rt0pvddqa5a1qxfc9zv4ve8ax0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8sD4crLEYbn0B4WEwuIPta6WkA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01OTk0Njk3MDI4MzgwNjA5oAHCrujdA8gBCakCGjCchsn_sj6oAwGqBIMCT9B-KMBSmvOagAI6wzsj7kEnuxtphnBZtjAgqWUkhwACoHc5H8a7i7-x3oM-K8tzs2oBsov_e-Ozo6Rv9ySwsgJClkhA4ErdA3jPA5e7GqEiU8gpJFf-EYPb_ARDrWlEHltby68Y0IiPQEnEaj_J88y_UtwbyBVEwk6vPvDKXWvB8QXPBPz_WfsHLJwEpl7krnImcwWcu4OSXS5GbplieHehR_IeGvCGIGim6xBwVxn1gJPe0dHjZg_D3Q7K7x8xiIB6seo8vrhZ0XddzUm5CDk2nbLmvlP30AKFxei_YnnPNCQUoHYoi0GiLBkzl2C8qnT-9UKlj4b0P5p_4qrAyWm5IIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2wIULo4G7ooecUrQzT74R_mvo_uw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
mapping
dprof.site/matching/ 		17 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=24c5a424-8818-4ea6-8e1e-65a6aa25daeb
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:31 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
1
servicer.mgid.com/1146775/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1146775/1?pv=5&cbuster=1640280691867257974688&uniqId=0c6fd&niet=4g&nisd=false&jsv=es6&w=610&h=123&wrongImageSize=1&p3_w=197&p3_h=93&maxw_3=197&maxh_3=93&cols=3&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov-foto%20&lu=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&sessionId=61c4b274-04df5&pageView=1&pvid=17de859141b875e785a&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
120ce8465a3f474c502ae7fd233adea11f7f6e1e459e9f9e64e28a52a5b05e06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c2352f44da82b59-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1122348/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122348/1?w=610&h=203&p3_w=197&p3_h=183&maxw_3=197&maxh_3=183&cols=3&pv=5&cbuster=1640280691869910312443&uniqId=0e046&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov-foto%20&lu=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&sessionId=61c4b274-04df5&pageView=0&pvid=17de859141b875e785a&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4d184c4aaba281b76d4a58fe4575358acd4dd2a2ed9e4be34d54d232b80cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c2352f44daf2b59-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1024868/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1024868/1?w=300&h=496&cols=1&pv=5&cbuster=1640280691873133454303&uniqId=0c906&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Favstralijka-pridumala-kak-spasti-novogodnyuyu-elku-ot-kotov-foto%20&lu=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&sessionId=61c4b274-04df5&pageView=0&pvid=17de859141b875e785a&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44657cea2ecca4fc55282de2847f37378634b8999c72cd7028afbb8f9cfd23ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c2352f47c356945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:55:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:31 GMT
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
d0361c2d408e98ee.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/c02fc2ca61cb439c9a52c9def803937d/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/c02fc2ca61cb439c9a52c9def803937d/d0361c2d408e98ee.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.4 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
mail2.mascotte.ru
Software
nginx/1.18.0 /
Resource Hash
b74ce8a781ecffde124a21eb07c907773a6b628363a4e587602ded04b7ed2312

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
last-modified
Wed, 22 Dec 2021 07:30:16 GMT
server
nginx/1.18.0
etag
"61c2d408-6001"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
24577
d0361c3202ab9a6b.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/d0361c3202ab9a6b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.4 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
mail2.mascotte.ru
Software
nginx/1.18.0 /
Resource Hash
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
last-modified
Wed, 22 Dec 2021 12:55:06 GMT
server
nginx/1.18.0
etag
"61c3202a-71c5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
29125
truncated
/ 		526 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
d0361c32065b4e19.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/d0361c32065b4e19.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.4 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
mail2.mascotte.ru
Software
nginx/1.18.0 /
Resource Hash
82c3ed6ff4ab2a922e388aa0ae0894d86036393ebff63f2e7e74efa9f708cad5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
last-modified
Wed, 22 Dec 2021 12:56:05 GMT
server
nginx/1.18.0
etag
"61c32065-7699"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
30361
d0361c31fee1b24a.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/d0361c31fee1b24a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.4 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
mail2.mascotte.ru
Software
nginx/1.18.0 /
Resource Hash
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
last-modified
Wed, 22 Dec 2021 12:54:06 GMT
server
nginx/1.18.0
etag
"61c31fee-a2b1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
41649
d0b61b8fbc068836.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/d0b61b8fbc068836.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.4 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
mail2.mascotte.ru
Software
nginx/1.18.0 /
Resource Hash
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
last-modified
Tue, 14 Dec 2021 20:17:04 GMT
server
nginx/1.18.0
etag
"61b8fbc0-5ece"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
24270
pvClk.min.js
analytics.webgains.io/ Frame 1094 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766801&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1km6fzc7p52z6y77fwk3zem151eqbvc1eh04qwevjmdv9b72eh1esj8gscdmmp5z588mjjcqz39dpz3r9xyjssmjew1fp6p4nderm4f9a7zwgt9190qmxzhzy2xeqf9e07tcdwyvys8bt9h8j42t7v0ya0ermxr9k13fb9jarc39z32gjqaszzatns02nx8hp54v9mvv9nfectz4gnnkw66cjx55ae4133xv2h41arjgqy3k6v3dvyxxf17wgv0bprqxq41kwtvhcfy9b1we3bg4sfysfjnf48rxaasjyjcs55r2983smpftw8%26a%3D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
110487
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 04:28:20 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
-meocuF7k2ssPgMcyspINu3SmzP_ako5PeR_iClmHWQF5J_Un6O81A==
link.html
track.webgains.com/ Frame 1094 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidg55f8fqdDTYYYDFPHbH8t5t7W55adTQTmZVueoneid__asuidkR239a2D2QEmlunPNbUnfFFZ2nioMUN5asuid__suite_Netmix_Reach99_TELEKOM_PUSH&wglinkid=3766801
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22451%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=b7830084e141b3b64446e991cbae7825%2F14636127843767531141&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691475&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g10c7vj1nap42t35v68481zcyekz9hmaepaymcxczrmvdr46nr1an6m43vhh90cfgnztr5xyhqp47xgsj80jyjeryzht86p6ygc8xxkx2hqg01t511d5svmhn25yjn8t375mv5n69zw6txzjt0fa8b6sxy8ecfay6b6sk27jjvetxhv0h7705d5r6vft82ndnf3e1jy45zrfc0bq1hdb62h5dq9bfhkq6vvan5ymdrj2kfj1qgv10m3ecwn1xfewypht76q4bydzpsxqtq0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQue5crLEYbm3D4O6ngWYrq-wDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0D2FEp-6QBsYCgh-I26DBooj8_h32gb1xCLEB-1pUp9NKz7m4a9xQkLRF_gVMhxQIwHJQs8og-Il5KLghxTIgcDel3oouSLe9sGSas_w9xYGmc_tKicT7NT9Bapu8HiqKFIz-8AeMPsxZETJIO1u9rvRrByuQmIbvyViieyz0DNjWDwURCu3xilfBwf7phvUJ7MuCxi0HCIWX4y3UPwJxAqTB2I-iSyLMJtXXZHIkuOiTb1TrcQLWkc6Z06nrpG9FhXEgoSU_X-fZeMWtSdHREOyvWh4rrnISJ1KrXDlhhBFqedFFZlWoEDd_JnB4rsEMLz0M2qnv-f2JOuYuT_3W9iABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3pUrPg5zNS0xq7HbIAwJCOivn9HA%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
cdc6a672e24d84d0277383399879fb8a1d6e02cf7f1fab4fe2a31aa173ad9faf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:31 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2759
Expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ 		525 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		349 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
pvClk.min.js
analytics.webgains.io/ Frame A346 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
110487
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 04:28:20 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
GXNgu7IHXj0Wco6IxTW9t0nGR-9giFl7fi5iWH5D90I3DTOU8-d0Ig==
link.html
track.webgains.com/ Frame A346 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidk2BF5f8jMSJezcbCwHetBtkYwSkTjTpGKaRoneid__asuidoCUmw9cQJbp6I3Y2sywKpMClPno1DNftasuid__suite_Mweb_Netmix_Reach103_TopRotaMonth&wglinkid=3247721
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:32 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:32 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame C238 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jcgfabdnctzg5cwdss87kkwhdk1wvywqw35ndmk3b3ts21de6cr6f9a2r0txym3kxr9tk9d5kw64qtjk6vxj62hv6qzzt5w0t0k1gj9z9fjc0qstanryr4c1276wxpxx6yj1v35ndkcsrys3fht8sg9yw1d423s379cyzcy543033tx02cypmxww9er0zmh85jxweqs8030mtz05vjczj1pqavy0atkt5069yagbdz1af8jfvm9damwfwqx2j9vn3503az1x1637ag9rr3azgk0f0wjzsyhmfvtfmetmx8wkpz9tff7fqcq%26a%3D&clickref=oneidVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
110487
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 04:28:20 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
R1UtCTc1eYsSnuXSE2jIOYEPzFUuZq-gxXCfF8dk5JwqkJbMThLoOA==
link.html
track.webgains.com/ Frame C238 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=205795&viewref=oneid6eYfef4bwS99jxfkCmHYtktKXVT2T1T2XpU7oneid__asuidMgeupr9i-ocqu3rT6GR0zGFNyBtJy0cOasuid__suite_Mweb_Netmix_Reach103_TopRotaMonth&wglinkid=2647615
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C56666%2C161178&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CGK9hBfYpsxx4DUKHeHGtPtk74C2TYTErUE%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2CVPrSwf6mFJJ1XuVHbHAtXCD6gskTzTKGTQ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=KgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3&g=f367e848fad7f4a136c0643dc107193e%2F16193097597163889737&i=1676%2C22427%2C65236&j=4%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280691490&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h26wmrneejxrn0dq9qccxnfggncevapz4wjs29rrvxkejpj4ybg6rh81g7p2my9z5rp5yd7n69pwvp86mbgvftc0qjqb1wnhnjfc4mn3r4x9gj7xefhwmvqnpyqz0zvne74z8n8qdnzw9kgdr5n1gkx7nj94tpyy3mf9b69tzf8fks0qb4g2d1a7q12h1jtxa8mj2ejaemt16gkxemxevtfxr8416emyfx3hhjrqa1v6w27frxnzdhp0g0jrg66553has9t4rkkm1a4dssg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCgEgicrLEYfCMA8WnngWtq66gDZDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK403JU0PeyPqgDAaoEggJP0KtoMjPre60sAWFPZzWbCXzp-3J0XvlauGliDBx-ive3pnRA1BtdOuFSEr7RKM9sVNS2W6AgsOYKN2fGcpvsE4XzCPczX3XAJeg9Ld48cJfj2KK6ejENdAVgXFKDeqjXukspfQaOLLFeB0ZoJm4XFdJErjJHxYLXuVa5PKqN0yIpthW1-SvW_ZTFTwwn22TetL-Rj5ZPErTw7JwgHOJvIIgp2Rk9fvva--bzMG8L1DByWCUjTcqkkJQZKIqfr8s5GTaRzRuEkKPugP_neLRhM9LErir9_zQbyxasxXDh2jmAfzQ84d_qGrD6Gr8xhQWKArUTmvV7fPwRRJgZYBXygv2ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Qb_6ABPdYYSI2MqGCvHosLNlA_w%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:32 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:32 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZDUxYzFjODU5YTQyYTQ5N...
s-img.mgid.com/g/11739854/492x277/-/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739854/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZDUxYzFjODU5YTQyYTQ5NjIzYzBjYzRmMTM0OWI1Y2IuanBlZw.webp?v=1640280691-NtdmoYzFjtU1ZGtwS3dnS_rNiYMR_yUIJlwWxsxIPUA
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3313e847415b94cb7bd7de08544ca540dbb3baa99a5254d7491c5612fdce5cd2

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid
304d84ec-20d2-49d3-acea-bda3b753b7bd
age
182457
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c2352f5bf85178e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10834
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNzU5NjQ1ZGRkMGYwNzZlZ...
s-img.mgid.com/g/11739866/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739866/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNzU5NjQ1ZGRkMGYwNzZlZjQ1OGI5MDJhM2QxNmE3NGYuanBn.webp?v=1640280691-94_wOfrWahkn7TjmePkR6LdIz3NNJ1rhxO96HLijEOo
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0377ec36b97a4a5f62afa27cdcded344619ab365e8af6614afafeea3f67a00

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:51:53 GMT
x-mg-request-uuid
cf0cca39-f86b-4476-a145-298691e4045d
age
189019
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c2352f5dfbe178e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11784
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZjI5YzNhYjIxMWVkYjZlN...
s-img.mgid.com/g/11739871/492x277/-/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739871/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZjI5YzNhYjIxMWVkYjZlNzg5YWQ4M2VhN2Y1YTI2MDcucG5n.webp?v=1640280691-oCHrhbNcRi1TbgWg7FNPn65sl6-hEil-N_4PoyBdUG4
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754d79c32d86a3d7b2ad327189b991f978f9c1c6f41f9bbea98eaa750aee9c93

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid
6cab0084-52d6-44e3-8172-db7f70a76bcd
age
183133
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c2352f5dfbf178e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20540
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzQ4Nix5XzQ2MS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZTUxZmMxO...
s-img.mgid.com/g/11739835/328x328/-/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739835/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzQ4Nix5XzQ2MS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZTUxZmMxODk4YWNiMzk5MjQwMDA4YjQ0YjcwMTVkODYuanBn.webp?v=1640280691-oVnk49JvAMIq4R7jYtXWvgiGFadvdC8lEbpwQiH0h80
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ae999bb7da44a39a0f4c1c0395b62ffa08b7b37ce91119e5d2433a1007efec

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:56:01 GMT
x-mg-request-uuid
4e3aaaef-7e7a-4e5f-abca-fe2298f6068d
age
186774
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c2352f5dfc0178e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15182
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0LzI0Njg3Mjk3M2ZiNGUxMDg0O...
s-img.mgid.com/g/11739851/328x328/-/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739851/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0LzI0Njg3Mjk3M2ZiNGUxMDg0OThmMGM3MjUwZTQyYjUwLmpwZWc.webp?v=1640280691-mJLc_xyGgKLMGZoETLCjhT5SY6w0qEzxwqZcweq4ZaA
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee446e8dcd6206ed36314f4b52989124db0630f1a7aa8fe5699c6c2a5130975d

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:53:16 GMT
x-mg-request-uuid
090b8c8e-d92f-48d0-a2fd-1c5c7534d4ba
age
180553
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c2352f5dfc2178e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17628
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzQ4NCx5XzM4NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvNjQwMWE4M...
s-img.mgid.com/g/11739875/328x328/-/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739875/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzQ4NCx5XzM4NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvNjQwMWE4MWY3NGNiNjczOTc1ZGYwZWM0NWRkZjA3ZWEuanBn.webp?v=1640280691-fbV7ny-at_Ge7m4Ry3nO1a2PVQGMvEZMUxinKzlpZs8
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2579feb979f2311843dc741b08fdaaf1a35997ada17ccea6d527193319aaad2

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:51:17 GMT
x-mg-request-uuid
95f27427-fffd-42d6-adf8-a9d902a10fbd
age
118967
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c2352f5dfc4178e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10902
server
cloudflare
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C68 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6m1vFzfwOJFdNtgREBsNlCS_Dab3mr31rJVRhAdnXZxwkArCQLuWmCidF4p8RKxqR_6HxHamGQfZmTH0cTnmllw&sig=Cg0ArKJSzDJGYGbR_b13EAE&cid=CAASF-RoKp24oGKGAQt7Yl0d9tqpdymcxPyF&id=lidar2&mcvt=1003&p=0,0,250,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=895116589&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640280689847&rpt=1105&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3Z...
s-img.mgid.com/g/11739864/492x277/-/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739864/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3ZDAyMzk2OWE1NjdiZDZkNjUucG5n.webp?v=1640280691-RQ3Go4W3tRxxw4mFnHoTMUr_tY4cr9VMbfK9eOKX-3c
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:50:37 GMT
x-mg-request-uuid
b543fc38-e816-4b14-a557-a74dd0446445
age
186774
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c2352f5dfc5178e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13774
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2Z...
s-img.mgid.com/g/11739857/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739857/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2ZThhZGM3MTU3OWQxOTI3OTMuanBlZw.webp?v=1640280691-9T9EwFe6rtk0yvblz0SzXis8iMUpPEFIEkzxt-nNPm0
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:43 GMT
x-mg-request-uuid
3e9f7b95-03e9-4b98-8791-42c77ae6f293
age
183078
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c2352f5dfc7178e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33276
server
cloudflare
i.js
cm.mgid.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1640280692018619447105
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fa5ac17eb18d8c389f5f5b4c916ed8537cfb6d0f188280de14303cf334c829

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352f52dcf6945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame DCA1 		19 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1640280692043831999796
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352f54e4a6945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
mapping
dprof.site/matching/ 		17 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=24c5a424-8818-4ea6-8e1e-65a6aa25daeb
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/6ed056a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
sync.html
s.adtelligent.com/ Frame 77F0 		1 KB
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640280692018619447105
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
VertaMedia 1.0
Date
Thu, 23 Dec 2021 17:31:32 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://newsyou.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 0884
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640280692018619447105
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Dec 2021 17:31:32 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Date
Thu, 23 Dec 2021 17:31:32 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=YNJJskXcjirLS1K7KiZ8&pi=mgid&tc=1
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=YNJJskXcjirLS1K7KiZ8&pi=mgid&tc=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352f668e66945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=YNJJskXcjirLS1K7KiZ8&pi=mgid&tc=1
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT, Thu, 23 Dec 2021 17:31:32 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJudTJFal8yRXY5&muidn=lbnu2Ej_2Ev9
  • https://cm.mgid.com/google?muidn=lbnu2Ej_2Ev9&google_ula={guid},5&google_gid=CAESEKeGx9UsfBtMzajx13GvZgw&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=lbnu2Ej_2Ev9&google_ula={guid},5&google_gid=CAESEKeGx9UsfBtMzajx13GvZgw&google_cver=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c2352f5f8046945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=lbnu2Ej_2Ev9&google_ula={guid},5&google_gid=CAESEKeGx9UsfBtMzajx13GvZgw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=9c50a8c3-32cb-4fe7-b49b-4ad977eda77e
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=9c50a8c3-32cb-4fe7-b49b-4ad977eda77e
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352f6da246945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=9c50a8c3-32cb-4fe7-b49b-4ad977eda77e
date
Thu, 23 Dec 2021 17:31:32 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=1&user_id=7G9Pr7hsG6n3OB-vvDsBq7s_Gq33aBqr4jjfi9Do
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=1&user_id=7G9Pr7hsG6n3OB-vvDsBq7s_Gq33aBqr4jjfi9Do
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Server
18.185.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-142-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=1&user_id=7G9Pr7hsG6n3OB-vvDsBq7s_Gq33aBqr4jjfi9Do
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=lbnu2Ej_2Ev9
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c2352f66ec78bc3-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=fe13da32-3e8f-4da9-8e82-3ef29dd24300&ttl=1642872692
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=fe13da32-3e8f-4da9-8e82-3ef29dd24300&ttl=1642872692
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352f73b016945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=fe13da32-3e8f-4da9-8e82-3ef29dd24300&ttl=1642872692
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=93428507-8b1e-4435-8e36-f63c0c526bc4
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=93428507-8b1e-4435-8e36-f63c0c526bc4
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2352fc2f5c6945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=93428507-8b1e-4435-8e36-f63c0c526bc4
date
Thu, 23 Dec 2021 17:31:33 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbnu2Ej_2Ev9
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=4384626336298261444&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:32 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
mw
mwzeom.zeotap.com/ 		95 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=lbnu2Ej_2Ev9&zpartnerid=1532&zdid=1532
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
cf-ray
6c2352f6e89759f5-MXP
access-control-allow-headers
*
content-length
95
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=lbnu2Ej_2Ev9
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c2352f6db6143b8-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
merge
ce.lijit.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbnu2Ej_2Ev9
  • https://ce.lijit.com/merge?pid=26&3pid=7ec4233b-89ab-4efe-a6f6-ac92b315b407
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=7ec4233b-89ab-4efe-a6f6-ac92b315b407
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
HTTP/1.1
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:32 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=7ec4233b-89ab-4efe-a6f6-ac92b315b407
Date
Thu, 23 Dec 2021 17:31:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 0884 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16e193e01b3ae667484d6b11a440a75395094ae65e221a43be8d24754b5cac2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37711
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Fri, 24 Dec 2021 04:00:03 GMT
khaos.jpg
token.rubiconproject.com/ Frame 0884 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame 0884 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
750589468d5634b7e99830971becaf64
Content-Type
image/gif
csync
sync.adtelligent.com/ Frame 77F0 		0
0
if
a4p.adpartner.pro/tracker/ Frame 8F21 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c5c4b842-6cac-4d72-84bf-f168a1375ae6%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:33 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
tracking-event
api.webgains.io/ Frame 809C 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
if
a4p.adpartner.pro/tracker/ Frame 1D5D 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2225406d70-d341-4023-9358-0b7d5cd42c4a%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:33 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame D515 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22782c3d48-43cc-415e-8b1a-797a115a52af%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:33 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 61CF 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22fdb6e022-4399-450d-8743-19e061e3265a%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c5c4b842-6cac-4d72-84bf-f168a1375ae6%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2225406d70-d341-4023-9358-0b7d5cd42c4a%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22782c3d48-43cc-415e-8b1a-797a115a52af%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-top.php%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/AVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.12.236 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-984bd72a.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:33 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
tracking-event
api.webgains.io/ Frame 1094 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame A346 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame C238 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:33 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
44453875
mc.yandex.com/watch/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/44453875?page-url=https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO&charset=utf-8&browser-info=nb%3A1%3Acl%3A783%3Aar%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A1%3Als%3A423974887486%3Ahid%3A225207154%3Az%3A0%3Ai%3A20211223173144%3Aet%3A1640280705%3Ac%3A1%3Arn%3A63846961%3Arqn%3A2%3Au%3A1640280690701251118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1640280687844%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280705&t=gdpr(14)aw(1)lt(26700)ti(0)&force-urlencoded=1

Verdicts & Comments Add Verdict or Comment

340 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 function| _m868360236 function| $ function| jQuery string| ajaxUrlFlatPM boolean| duplicateFlatPM boolean| senseFlatPM object| adsbygoogle object| gnezdoAsyncCallbacks object| head object| script object| mtzBlocks object| node5876 object| node7880 object| jQuery111106919069617365439 object| node6822 string| iS object| iD object| iP string| iR string| iT string| iH number| iI string| GoogleAnalyticsObject function| ga function| ym object| Sk object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint function| flatPM_arcticmodalLoad boolean| debugMode boolean| duplicateMode boolean| senseMode boolean| countMode function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_random undefined| flat_body object| flat_count boolean| flat_counter number| flat_iframe string| flat_sep object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear number| flat_dateMonth number| flat_dateDay number| flat_dateHours number| flat_dateMinutes boolean| flat_adbDetect object| flat_userVars function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_setHTML object| flat_pm_arr function| jQueryLoaded function| jQueryLoading function| randomInteger string| RESOURCE_O1B2L3 object| _0x54e7 function| _0x3ea5 boolean| scriptaddedobl82749 number| __o1b2l3_updateStatsEvents number| utarget_rand number| utarget_cookie object| utarget_script object| l_m3710426218 object| name16now object| smiq object| FB function| smiHTML13245 function| smiCSS13245 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| smiHTML13248 function| smiCSS13248 object| loadedBanners string| scr object| div object| x number| len undefined| newScript function| getApuID object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| shownAds2489 object| initRtb1640280689460588615 object| result string| key string| apuid object| sessionData object| adexOpt number| loadingMedia object| adPartnerMediaAd object| place function| smiHTML13267 function| smiCSS13267 object| shownAds7858 object| initRtb1640280689461669814 function| addJqueryqyBSy function| take_ban_teaserqyBSy function| getUrlVarsqyBSy object| shownAds7460 object| initRtb1640280689461993707 function| addJqueryBoscr function| take_ban_teaserBoscr function| getUrlVarsBoscr function| loadjscssfile function| createWidgetHelpButton object| TelegramButtonOptions object| Widget function| take_ban_teaserdlNYs function| getUrlVarsdlNYs object| google_tag_data object| gaplugins object| gaData number| intervalIDqyBSy number| intervalIDBoscr number| intervalIDdlNYs boolean| laScriptLoaded object| _mgIntExchangeNews object| MarketGidInfC1146775 function| MarketGidCContextBlock1146775 function| MarketGidCMainBlock1146775 function| MarketGidCInternalExchangeBlock1146775 function| MarketGidCRejectBlock1146775 function| MarketGidCCriteoBlock1146775 function| MarketGidCInternalExchangeLoggerBlock1146775 function| MarketGidCObserverBlock1146775 function| MarketGidCSendDimensionsBlock1146775 function| MarketGidCRtbBlock1146775 function| MarketGidCContentPreviewBlock1146775 function| MarketGidCResponsiveBlock1146775 boolean| mg_loaded_413933_1146775 function| _typeof function| _createClass function| _classCallCheck object| web_script number| is_clck function| web_callback string| website function| are_cookies_enabled function| inIframe function| compareElementsWithParentsToSelectors function| compareElementsWithChildrenToSelectors function| compareElementsToSelectors function| Browser object| browser function| run object| MarketGidInfC1122348 function| MarketGidCContextBlock1122348 function| MarketGidCMainBlock1122348 function| MarketGidCInternalExchangeBlock1122348 function| MarketGidCRejectBlock1122348 function| MarketGidCCriteoBlock1122348 function| MarketGidCInternalExchangeLoggerBlock1122348 function| MarketGidCObserverBlock1122348 function| MarketGidCSendDimensionsBlock1122348 function| MarketGidCRtbBlock1122348 function| MarketGidCContentPreviewBlock1122348 function| MarketGidCResponsiveBlock1122348 boolean| mg_loaded_413933_1122348 object| MarketGidInfC1024868 function| MarketGidCContextBlock1024868 function| MarketGidCMainBlock1024868 function| MarketGidCInternalExchangeBlock1024868 function| MarketGidCRejectBlock1024868 function| MarketGidCCriteoBlock1024868 function| MarketGidCInternalExchangeLoggerBlock1024868 function| MarketGidCObserverBlock1024868 function| MarketGidCSendDimensionsBlock1024868 function| MarketGidCRtbBlock1024868 function| MarketGidCContentPreviewBlock1024868 function| MarketGidCResponsiveBlock1024868 boolean| mg_loaded_413933_1024868 object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| dmpProfitclicks object| gnezdo object| Ya object| yaCounter44453875 function| adpartnerMedia boolean| mtzCheck function| WidgetTelegramButton string| cookie_expires object| options object| system object| _parent object| banner_clases boolean| edge boolean| linux boolean| new_opera boolean| ua_ios_opera boolean| ua_ios_opera_mini object| main object| informer string| ban_teaser object| onMainScriptLoad5555 object| banner7883_1640280689461669814 object| banner1640280689461669814 object| banner2489_1640280689460588615 object| banner1640280689460588615 object| banner5555 object| block string| text object| banner7460_1640280689461993707 object| banner1640280689461993707 string| prev_link string| teaser object| googletag number| cur_time boolean| wait_start number| _997726831838 object| _997726831831 object| cd string| dt function| removeGooglePlaced object| onClickExcludes function| mgReject1146775 function| mgLoadAds1146775_0c6fd function| MarketGidCReject1146775 function| MarketGidLoadGoods1146775_0c6fd function| mgReject1122348 function| mgLoadAds1122348_0e046 function| MarketGidCReject1122348 function| MarketGidLoadGoods1122348_0e046 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| mgReject1024868 function| mgLoadAds1024868_0c906 function| MarketGidCReject1024868 function| MarketGidLoadGoods1024868_0c906 boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint413933 string| _mgPvid boolean| _mgPageView413933 function| LoadCriteoAllPlaces1122348_0e046 function| LoadCriteoAllPlaces1146775_0c6fd function| LoadCriteoAllPlaces1024868_0c906 boolean| i.js.loaded boolean| i-noref.js.loaded number| _997726831832 string| user_agent boolean| mac boolean| windows boolean| ua_chrome boolean| ua_ya boolean| firefox boolean| ua_opera boolean| ie_11_edge boolean| opera_dev undefined| ie_8 boolean| ie_9 boolean| ios number| cou object| b0 object| b1 object| b2 boolean| class_selector boolean| match object| items number| count number| item_w number| item_h boolean| flag object| pos object| h_body object| h_doc object| new_post

131 Cookies

Domain/Path Name / Value
newsyou.info/ Name: b
Value: b
.calculator.codes/ Name: uuid
Value: deb9f165-247c-4bb2-8f55-1d85eeff907c
.mgid.com/ Name: __cf_bm
Value: hBIijSMnzyzUeGjwM2m12re6zq4WKH58NsnFLgf_nJ0-1640280689-0-AcXs/fyh5FOP/iAmpS6ioA3AQxSUsMfkgJXWfnVZA/8mj36kSdsBP0VEd2t8AZLeZ8zWXID40QKm9a/WQ6Y8C4I=
newsyou.info/ Name: vcO1B2L3-1
Value: %7B%220%22%3A1%2C%22*%22%3A1%7D
ppvesdfiojol.com/ Name: current_server_session_id
Value: 752c7afeda52481311976dbb8bf5b5aed5a86506vvv813570075
ppvesdfiojol.com/ Name: visit
Value: 1
newsyou.info/ Name: lapuid
Value: fdb6e022-4399-450d-8743-19e061e3265a
newsyou.info/ Name: session_id
Value: 680e3b6d-f64e-4f54-952f-8379e8c76ff1
newsyou.info/ Name: session_pageview
Value: 1640280690.1
newsyou.info/ Name: site_visited
Value: 1640367090.1
.utarget.ru/ Name: uuid
Value: "MOiVTuJSCR+iBVl9ohgrHQnP0d9Sot4HnnVENpCytoI="
a4p.adpartner.pro/ Name: newsyou.info_ref
Value:
.newsyou.info/ Name: _ga
Value: GA1.2.1382827890.1640280690
.newsyou.info/ Name: _gid
Value: GA1.2.1908545652.1640280690
.newsyou.info/ Name: _gat
Value: 1
.yadro.ru/ Name: FTID
Value: 1XnB9n3mUE8E1XnB9n000V8n
.newsyou.info/ Name: surfer_uuid
Value: dd98fe8d-2200-42a0-afcb-77736cbf2577
.newsyou.info/ Name: la_page_depth
Value: %7B%22last%22%3A%22https%3A%2F%2Fnewsyou.info%2FAVSTRALIJKA-PRIDUMALA-KAK-SPASTI-NOVOGODNYUYU-ELKU-OT-KOTOV-FOTO%22%2C%22depth%22%3A1%7D
.newsyou.info/ Name: page_load_uuid
Value: d6a94512-57aa-42b6-9568-2303eb8ace5d
.yadro.ru/ Name: VID
Value: 3B7KVc3GP_OE1XnB9n000DJ1
.newsyou.info/ Name: __gads
Value: ID=ec210b25925b43f4-2226c60e0dcd0090:T=1640280689:RT=1640280689:S=ALNI_MY9hofGaqGGKkXLtaojxPwrM3za3Q
newsyou.info/ Name: cbtYmTName
Value: P0QdVlsdBR0GDFtdWloHDwgNW10IBwoPHULu
a4p.adpartner.pro/ Name: apuid
Value: fdb6e022-4399-450d-8743-19e061e3265a
a4p.adpartner.pro/ Name: apudmg
Value: 1
.newsyou.info/ Name: _ym_uid
Value: 1640280690701251118
.newsyou.info/ Name: _ym_d
Value: 1640280690
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 339897778fake
loadercdn.net/ Name: vui
Value: ea332183d12a4e4992d74371f4067b34
prodmp.ru/ Name: rai
Value: f6a304f2b8f4c9677c80627417cce688
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1289967809fake
.newsyou.info/ Name: u_count
Value: %5B0%2C0%5D
m.mixadvert.com/ Name: 81b6247e2a128a86393156679a765d9f
Value: 438579%2C438578%2C438575
m.mixadvert.com/ Name: f3a826c60b78eb15a6c7bbaea354d6d9
Value: 1
.newsyou.info/ Name: _ym_isad
Value: 2
.eskimi.com/ Name: __eConsent
Value: 1
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWHEsnJOEAUcgQ/fAoq95qeUXmBxN9DsRVQ2aqikQl8D
.uuidksinc.net/ Name: jcsuuid
Value: 188CzdHEifbwxRCUHM8c
.mgid.com/ Name: muidn
Value: lbnu2Ej_2Ev9
.adhigh.net/ Name: gi_u
Value: uxYDpMae5pmN.AikABlF96FkO0w
.acint.net/ Name: cSyncDp14v3
Value: 1640280690
.yandex.com/ Name: yandexuid
Value: 5697747901640280690
.yandex.com/ Name: yuidss
Value: 5697747901640280690
mc.yandex.com/ Name: yabs-sid
Value: 1145889461640280690
.yandex.com/ Name: i
Value: TIcLdCwdOqTjYBDqeq60YYDBIVgzEEDSkZ2ct0LjAlZLOOkMowM0PKHzAuAYAUGKO7yo2DNRMQe+5IDubVyMiWlIewk=
.yandex.com/ Name: ymex
Value: 1671816690.yrts.1640280690#1671816690.yrtsi.1640280690
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWHEsnJksQAWEctuAgM90Dwvx3FU0zQDPgjtqD1wcIPX
.newsyou.info/ Name: chash
Value: OymJBnPJUr
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
.doubleclick.net/ Name: IDE
Value: AHWqTUnWQAnf1LjZXo7LrzNDUCv4fsGxdFW3kuzxFki2MjGHFKy_jOVg4KGwOT2qflA
m.mixadvert.com/ Name: d18cbeca386b1d0a9a26420077e104ca
Value: 438575%2C438578%2C438579
m.mixadvert.com/ Name: b35a58b0d6e970945283857b262c4a32
Value: 1
.gnezdo.ru/ Name: weborama_cm
Value: 1
.gnezdo.ru/ Name: uid
Value: uZQlT2HEsnICY0OO+SnNAg==
a4p.adpartner.pro/ Name: buyeruid_47
Value: e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
a4p.adpartner.pro/ Name: buyeruid_57
Value: e6e8749e-312c-5365-b2d9-2e0fd31d9c7d
.quantserve.com/ Name: mc
Value: 61c4b272-f34fe-0aa66-6608f
.agkn.com/ Name: ab
Value: 0001%3AJjED3IEbbi8wkkY%2BGcG9mTQkGeowBlzn
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: YcSycxXGRXvQFkJFepfwagAA
.casalemedia.com/ Name: CMPS
Value: 5222
m.mixadvert.com/ Name: ace2b015700b9b0ebe20e49df50d9ffc
Value: 438575%2C438579%2C438578
m.mixadvert.com/ Name: 8c7239b3698670cc11540a0d8f9b4062
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 767FC742-0724-4B57-9DD6-617FD980E5ED
.doubleclick.net/ Name: DSID
Value: NO_DATA
.rlcdn.com/ Name: rlas3
Value: VNekRbwnetueCmc0cxbRrK5ZjTAz+4UDxMF9WiPnJVw=
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007F72B2C4611C05104E02DF0F81
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007F72B2C4611C05104E02DF0F81
a4p.adpartner.pro/ Name: buyeruid_64
Value: ed3d774a-0b3d-4de2-649c-6bd8d28d10b3
a4p.adpartner.pro/ Name: buyeruid_63
Value: 2fea7b74-a56a-4499-5ac7-675220c33abb
.rlcdn.com/ Name: pxrc
Value: CPPkko4GEgUI6AcQABIGCOndKhAA
.betweendigital.com/ Name: ut
Value: YcSycwAB3JAD54Vyqv-b7uzRZOLjHrMGbrgFRQ==
.casalemedia.com/ Name: CMPRO
Value: 1191
.casalemedia.com/ Name: CMST
Value: YcSyc2HEsnMA
.agkn.com/ Name: u
Value: C|0CEApV27zKVdu8wAAAAAEAQ13AQKAAQpAAAAAAA
.hit.gemius.pl/ Name: Gtest
Value: KlGdWRaGQMGGkKEEkUsYm3sissGMXP8cXRbG
.aidata.io/ Name: __upin
Value: +MME8UhN0s+iTTKC4SadfA
.aidata.io/ Name: __upints
Value: 1640280691
.hit.gemius.pl/ Name: Gdyn
Value: KlG39RXGQMQGaEl6GHsYm3sissGMXP8cX8ySssX6nsGfGSfeH72xxjGoxcxSY8CBI8l8MG..
dmpprof.com/ Name: uid
Value: 24c5a424-8818-4ea6-8e1e-65a6aa25daeb
.e.dlx.addthis.com/ Name: na_tc
Value: Y
dmpprof.com/ Name: enrich_data_v2_5
Value: 1640280691
.addthis.com/ Name: na_id
Value: 2021122317313100012659200273
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 61c4b2731c7e1c78
.addthis.com/ Name: ouid
Value: 61c4b27300015de4660383573cbf040aacb3d89bac981aecf830
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20211223
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.awin1.com/ Name: awpv10679
Value: 412871|1640280691|2b13aa90-6416-11ec-a9fe-2263e4039ea6
t.adcell.com/ Name: ADCELLvpid2945
Value: 164800-46690-oneidqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3oneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth%23%23%23%23%40%40%40%401640280691
.lead-alliance.net/ Name: ppv1225
Value: 2021122318313160669259061X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidKgkE9-oO-VJmR9vcUDp9RFYHoqjVLjG3asuid__suite_Netmix_Reach43_TopRotaMonth
.r.niwepa.com/ Name: tsv
Value: kOA!HVAnkYxzTJ0!AQ|CkIw!A!~BW9a-CLA*3q
www.lead-alliance.net/ Name: PHPSESSID
Value: o3qk972oqst9ht8j49c3l8tfhf
.lead-alliance.net/ Name: ppv1226
Value: 2021122318313160669259069X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth
.awin1.com/ Name: awpv11938
Value: 412871|1640280691|2b1f9170-6416-11ec-aa5f-2261f8d01a34
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0MDI4MDY5MXZsZWExZGUyMDIxMTIyMzE4MzEzMTYwNjY5MjU5MDY5WDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZFkyamNyZkczZlltNVNWSDlIZXRRdFJSOGNBVDFUSzFUcm9uZWlkX19hc3VpZC1GQ2RfXy1SUjJIa2s3TEJyczZURElfMTRNXzlxMENWYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY3OQ
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0MDI4MDY5MXZsZWExZGUyMDIxMTIyMzE4MzEzMTYwNjY5MjU5MDYxWDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZHBWRVUxZjhnZm1neDZha0g0SG10enRRUUtoZ1RSVDEyVUVvbmVpZF9fYXN1aWRLZ2tFOS1vTy1WSm1SOXZjVURwOVJGWUhvcWpWTGpHM2FzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTc2NjM
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1640280691_2b1f9170-6416-11ec-aa5f-2261f8d01a34%22%2C%22sp%22%3A%22awin%22%7D
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313160669259069X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313160669259053X117663V1225131106MSoneidR5Xfgf6QFxkxFkHwH3tQtddAFwTzT7gs7oneid__asuid-FCd__-RR2Hkk7LBrs6TDI_14M_9q0CVasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
servicer.mgid.com/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
dprof.site/ Name: uid
Value: 24c5a424-8818-4ea6-8e1e-65a6aa25daeb
newsyou.info/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1146775%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280691970%7D%2C%22C1122348%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280691968%7D%2C%22C1024868%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280691973%7D%7D
.creativecdn.com/ Name: u
Value: YNJJskXcjirLS1K7KiZ8
.creativecdn.com/ Name: ts
Value: 1640280692
.bidswitch.net/ Name: tuuid
Value: 7ec4233b-89ab-4efe-a6f6-ac92b315b407
.bidswitch.net/ Name: c
Value: 1640280692
.bidswitch.net/ Name: tuuid_lu
Value: 1640280692
.quantserve.com/ Name: d
Value: EEkBEAGDJYEO3KwQ
.360yield.com/ Name: tuuid
Value: 9c50a8c3-32cb-4fe7-b49b-4ad977eda77e
.360yield.com/ Name: tuuid_lu
Value: 1640280692
.e-volution.ai/ Name: v_usr
Value: 1e89cb90-1b13-4b39-a75b-edc29bc47b27
.adsrvr.org/ Name: TDID
Value: fe13da32-3e8f-4da9-8e82-3ef29dd24300
.idealmedia.io/ Name: muidn
Value: lbnu2Ej_2Ev9
.zeotap.com/ Name: zc
Value: 954ede09-d521-47fd-4a13-8a31fdd6214d
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwj-wLOsmZGjOhAFOAE.
.lentainform.com/ Name: muidn
Value: lbnu2Ej_2Ev9
.smartadserver.com/ Name: pid
Value: 4384626336298261444
.mfadsrvr.com/ Name: tuuid
Value: 93428507-8b1e-4435-8e36-f63c0c526bc4
.mfadsrvr.com/ Name: c
Value: 1640280692
.mfadsrvr.com/ Name: tuuid_lu
Value: 1640280693
.mfadsrvr.com/ Name: ssh
Value: !mgid,1640280693
cm.mgid.com/ Name: mg_sync
Value: {"287839":1640280693,"371158":1640280692,"501037":1640280692}
.adriver.ru/ Name: cid
Value: AVoiAtcQcV0u4ugqbEZA1rQ

5 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9496.ApChbVcSr-Z7lIIIXhTHwgxJqEoL019s0HUdgyXdNhk4szcSisF32WcHGM0VC6nSTAifICB7tPSU30vUsJIrzQ%2C%2C.LAGfRWHQa7GSUExfE8SPRcjmdXQ%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEDFmhcn1ZTfuM6wlWzq9Wzk&google_cver=1&google_push=AYg5qPLbTgAqE1YCyhm9Ajm3F1IhQeDL1vJWAwm0Eei6odlK7Qnt7EfTF9MTkT5JPe9lSof-3pTndFsLBJjw79f64JPVEr4vbb0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_cver=1&google_gid=CAESEBNNnI7ODxmYkAkjrXf04Rg&google_push=AYg5qPIPXNgcGdsHKjWOKeDl5fpKJAZuvLK_xsK8wuHqsnsBsgqYbDblaxUTg2dMMt0bT_fVVil2HICo3Lk0fVshGcvTfqdBeFIW
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEGYslPWnBnUxzt0T_SdQZRM&google_cver=1&google_push=AYg5qPJrvhejVb1h4tx6yMnQCcn52l60jFOAhfFuHjl9Gl1owPtRdbTZU8577SMBWqwmBE04WTjU2-t4DoXMaBBnsbMUh0W0OmxeY2Ijq4_R0pQzlAkfkm1dbNp6Zl5heANkDlRiK24ANXTxL3u1Fqo-dw
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSycxXGRXvQFkJFepfwagAABKcAAAIB&google_gid=CAESEO-ym7PdYOd40hACqyPN0CA&google_cver=1&google_push=AYg5qPLHNCb3gD6tBC0Je_9Y62IoEC4lX5IQetbMZWysHkrr-AsGmOLeAybTbTR3pW2FA74dXHgJnKs8sOHj9zP5g4yeLoUnJQKzVKippnRWxSH34upXDXFhpNbAFU0x4zSzL3axWq4JSxpyNLOULuTo_g
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
acint.net
ad.360yield.com
ad.adriver.ru
ad.doubleclick.net
ad4m.at
ads.betweendigital.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.mgid.com
calculator.codes
cat.fr.eu.criteo.com
cat.nl.eu.criteo.com
cdn.mgid.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
creativecdn.com
d.agkn.com
data.24smi.net
dm.hybrid.ai
dmpprof.com
dprof.site
dsp-trk.eskimi.com
e.dlx.addthis.com
eus.rubiconproject.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fcgi5.gnezdo.ru
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
guepslka.com
i.i.ua
i.mixadvert.com
id.rlcdn.com
image6.pubmatic.com
img.adpartner.pro
img.servestatic.net
jsc.mgid.com
jsn.24smi.net
loadercdn.net
m.mixadvert.com
match.adsrvr.org
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mixadvert.com
mwzeom.zeotap.com
neso.r.niwepa.com
news.2xclick.ru
news.gnezdo.ru
newsyou.info
ocmurc.com
odr.mookie1.com
openfpcdn.io
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pix.eu.criteo.net
pixel-us-west.rubiconproject.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
ppvesdfiojol.com
prod-rtb.ad4mat.net
prodmp.ru
px.adhigh.net
pxksnymto.ru
r.i.ua
recreativ.ru
rtb-usw.mfadsrvr.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.uuidksinc.net
s.zmctrack.net
scontent-frt3-1.cdninstagram.com
scontent-frt3-2.cdninstagram.com
secure-assets.rubiconproject.com
servicer.mgid.com
ssbsync.smartadserver.com
ssp-rtb.sape.ru
static-de.ad4mat.net
sync.adtelligent.com
sync.e-volution.ai
t.adcell.com
t.trafmag.com
telegram.im
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
utarget.ru
vcmjf535tx.ru
www.acint.net
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.instagram.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
x01.aidata.io
zn3.2xclick.ru
cm.g.doubleclick.net
mc.yandex.com
sync.adtelligent.com
104.111.215.191
104.111.239.217
104.16.221.74
104.19.132.78
104.19.136.78
104.19.217.61
109.206.161.21
136.243.84.74
142.250.184.230
142.250.185.130
142.250.185.66
143.204.209.32
143.204.209.81
144.76.118.233
145.239.108.234
146.59.12.236
147.135.189.55
148.251.139.77
15.197.193.217
157.90.179.214
165.22.198.175
178.250.0.160
178.250.2.135
178.250.2.148
18.185.142.87
185.148.37.26
185.148.37.79
185.184.8.65
185.187.81.40
185.248.101.21
185.86.139.94
193.106.95.134
193.200.65.18
193.200.65.5
193.232.150.44
195.201.243.71
195.209.108.39
198.47.127.19
216.52.2.19
217.182.200.20
217.65.2.150
23.37.42.132
23.79.143.124
2600:1901:0:76b9::
2606:4700:10::6816:294a
2606:4700:10::ac43:db6
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4679
2606:4700:20::ac43:4a81
2606:4700::6810:135e
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:802::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a02:2638:1::2
2a02:2638::2
2a02:6b8::1:119
2a02:cb40:200::242
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
2a0c:5c81:5139::2
31.220.27.134
34.120.139.69
34.242.207.34
34.254.166.91
34.98.67.61
35.186.253.211
35.187.117.15
35.212.212.222
35.244.174.68
37.18.16.22
46.236.13.147
46.4.114.109
52.29.77.212
54.171.63.239
62.76.25.28
62.76.25.4
69.173.144.139
69.173.144.165
77.123.132.26
77.123.132.42
78.46.85.162
79.171.117.17
8.39.36.142
80.211.42.243
82.113.101.132
82.113.101.236
82.192.82.4
84.200.5.215
85.192.12.169
85.192.12.173
85.192.12.174
88.212.201.216
88.99.63.132
89.108.119.28
91.198.36.16
91.198.36.78
93.95.100.117
93.95.102.105
94.23.153.171
96.46.186.57
00c2021bdac59d8348ce96f8eda3d24c9d1d99d6c60f63e020c6567e39078d11
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02fa5ac17eb18d8c389f5f5b4c916ed8537cfb6d0f188280de14303cf334c829
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
07d3055d7d1cf28e13d91206d6dbb2d7c96810a5a876901501ed0ebffead93b0
07d994a7b5b9f4862fc868a3f05297a0bded27e370a121b3bedfbc5e2842a4af
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893
0915647be71a23f06acaa3e4c6da4a08e09c448f57d07c1b8a0b7c3efc280002
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd
0b033515b1023d80f80ee227136cf5509f6e5b66bb39450ddafa1d1bb5b2acab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7f61efc249846bb2895dcd28853631248d4cc08ab2e6339f9f32c3b82456e1
0c95217de419320bc425e8d25622f90f2954a4c18f82b70279a157d69f47b6ff
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c
120ce8465a3f474c502ae7fd233adea11f7f6e1e459e9f9e64e28a52a5b05e06
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc
1388349c524397d81d70db145e61afd336d7916d99c7e5bac6cd100bd20b0e97
138bec58cfd65720c14272d5aed343b949207725edd5f676bdcd9bb092c963f0
151c06c923bac8754c9adb23cc21cc04c078aedb2b2702461be9adc440c14a42
15d718acf029bd29c3a46d693356d06513006ea14a0cc71bb3e72277562bdf45
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
16e193e01b3ae667484d6b11a440a75395094ae65e221a43be8d24754b5cac2e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
19a37d362d6722180848f57ad29e94769278dfb86cdac77c8f43bcc0ff76f3ca
1b86d8c739c9f3e1ecfde56ea85f699ebeb53a6d576523828150c147bb11f54e
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
1e98a3ede349fecfd14a4b6cefad84f9b31076e53f30fb2bbb63adcd54f0f64f
1ec53179a71bb19d3bdec146371021485e5a26ea598ad52816bbc4a9bb5afb27
1ed1d1cb8623bf3167e5cbb2b7c30b8d26f243976ee9f6788d34a4e4b2de3d83
2204df4354c591cab7a5d3b933b7963b00fee63ab9d9bd8841b8899b4b8db0e5
22364d9de6d3a227b12361aace79a5dd19368d1a7502acd0ce2d26b967817649
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
237b702106249000fe1855d0d7649126cb0c18c4703b6dee0444e408c2eaf3ff
23beda30424ac7c49957ce15299d0199803995498851441548cf89108a12871b
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a
23d4ff56472c50842f5abc21d8d64e03cfb011f0975907cc17c25db04da75b94
24afe35f0ece022407bc8f2b736311b494d0a3ab1ecc5c22f8ac112ec59e3ad0
25518d2c841e59dec58e64b57333fbd2640ace7042fe584dc19649690e14272f
26a261af9bd49b78821bcf7c527ce2e3e2cfc1ad9edc75d40372668e26b63dbb
26ea166e3cfec1a87808c475d4962c062eace8fc7a9e160f8c6d34595b94c69a
27643e651751bd6c2cbe1350d6336dd8cc807049b14bdecd4620d7e1afd010ad
2765934cfdaf7614486e679553d0907d6125c9e632d6ef737efdefa4ee806bbb
2792408224dde6373f1778228a05505a2a36913137c920af418594c08133fd0a
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294
28d4bd1f035e957aaa00531c44df5cf7b802ae9235261ed370510fdd1743a52b
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
2c33cc984e198446e877527a87cc42c9d226ee5dfee4202ca623e924762dee39
2c6da72d57c6bf45064a2787e171816cc08c298bcc6219952a2d0910c2848b41
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea63b7ff6ea5067f38fcc1c184d1aa338ead7e05a5d8700099c0515ad7aaaa5
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216
31922f6bdaababf8e0e03e478c4a8b1fc394462d5a659effe7f32d01ee74d708
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
3313e847415b94cb7bd7de08544ca540dbb3baa99a5254d7491c5612fdce5cd2
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
36ec49899d11ed19c5039d0799fb7327f52f139111ef58b186bed6e9b37d23f4
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3958344a34548f2938bb9536ccb47119f9b461b39e4c7efe053613d64d5b1fb0
3a2eec023adc8c05274eed54b4443f2a95502bba843fe0685313d992785f7c6e
3c6026f564d0353e7a94d94a6b91a3e19c127b4170fb46da20056845fd9c36ba
3d86ea1a91933592bc9f2aa122fdf67bff0e2ce2c79f548739c4d2e96ac5553e
3e962b756b18f4912ebffe0e6df36a46fe41cb82d6847c7b1c1bb02a96543775
3e98125694d9931deddc26813896339026c50c64573e32a896c6e2ae6d8d4db0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590
3ef2df70fb969b54f937f8840677fd07fb06e6d1438418ef7132e48c9464ab7d
3f3f119ba13baaa19ef838036c2b2325ea1408f799b505f7b0e89819eb53e2e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
41c73bdf826bb64778e01442194521dcf0c099e52da680066b5e1039070f35f8
42f1001a0d21e42b0a40b9ff231b0ba95c48b4fd2fa21d3e4f1aba15e202b018
43dc3983640ba12fb14182f320bc891ae83c1fed2cb433627d036f083260e2b9
43e18649ca38c32a8dfa6c93a6576b51716b8ccafb91d6dae9fd58292bb0aed2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4435e7acc1fd6ce0b183e859195e7a81bbf2a33f34d9b21457f0c70e2956a6b4
44657cea2ecca4fc55282de2847f37378634b8999c72cd7028afbb8f9cfd23ee
4518e594b73c1f255cc2088838a8be45182e2872c3b56a0914a7aac6cee0d90c
457209948488419d46e3c984bd166f1a8c1aa2907da4726677bdc62a60767154
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
45f859876051453f994e911f45cbcafe20953e7cf06a289715f9094b38ce8a77
463692403b9904ace70f73fd33bbbf090d5ad5ea444ba39d0ee3ead6437bb0e1
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
490441ac953e6c99ca8ccc03e8a52b19b957bef3e2618f11f31a6f7ca7f500b2
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a63bfd2897cb09dddcb0ce78113e21139694e3ba54ef8ff4101c45b2cc1d375
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4d663bccb358a9d9b1889d6d78b0ebb3c6f7f7297b310d4d44b8fd27e3afdd57
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e587a8d5f90b22709912b0548f69048d977d5ec2269089b4a7db398426f5c5b
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50787a7684b4c3b017af0d1f754e97969bdd6cf20bf2d59e81d614dccc916c84
53d4838c949b3ae0f34448ec4399d3ef769ab853c47f45e62e85c9912beecaf6
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55306872269e2f1b8b7df1b131017007577c4b4ae361f9c1e3cc0118e0e29b1e
558dbaad55245ea77b644222f1fc53449e83f54e30b71104ea6e0c55e570d88f
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
578b130d8727e233ece4772e7fd7680c22d200c00c76135d141a9ce2327f9126
57ae999bb7da44a39a0f4c1c0395b62ffa08b7b37ce91119e5d2433a1007efec
582aa6fbe17462099284fca466d4d51776f9faa6e68f597c44082dff160014f8
584cef30c8b0276d0fa2b0a7999ca5eb2de381f83546601106665e47d538f23c
586b95b8f29d6808b49ce0325fefc7af40a14bad123850810606009bf9ffe14b
5949b0dc3386997c1532101d0f4193aa49441ee6b3097d776a2157aaa37e39a3
5a2fce6ae37e706b9ca79b18a22f786aba70a7f45d13ae393a760926f1f00c10
5a36bc3320994bc36acffe86b4bed2212cdb3e84d38a739b813c3fba3e9f1066
5a73277f8256e35b53d78e4bcca364ca7bb907ead0bf58eceeda4372a04b5862
5b0b95743838e3e37f94068193d4937c1c7424f0879e9845ff1930b76119fb45
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
5cd40fe604b58b6d0f2fd44e5fcc9423a943051aedfc3d44aeac6612dd7e2050
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5fe718a3f71d796a8c839f91b9a26cf201757f1d2a6e77cf24d553f60302ed24
62c9183ace7ffb179b0dcfe1b88a807e6bc9a649eb6dd0936b7ba94528524929
631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e
6650ede810b8f9d3e300b3fc50347b96590fb002e03a8111919c10a898f9ab9b
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22
6872aabc6aa86d159dcb1452a0d3f2e1cb69caf780db52d08b7f7607ed29d9b8
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b59d92706ff19dbb5da12e89f7f23b020f687c3461177be79f12967b2f6b2ff
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
72eb47be0de224add691e0ad18bf8ff3decae4be687d16893ae7bf2be0759fed
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
754d79c32d86a3d7b2ad327189b991f978f9c1c6f41f9bbea98eaa750aee9c93
77c3adb259b7ec837f08a09fa2f9fa0db31cfdab2ab0b1f8ce89a5796c669a72
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7aa01b65ddab63af081b179c28164c663a40e042b2ba1fed2644ee6f9d2a211d
7aae63036faaaa4b9d339632134c645b626780dff3e108cef697b5754782e8ac
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
7b988dc847005013c7bae420fbdcecc1bdec9818bf1ffe2e7709b3d25613a956
7bea74a8949fb8732fcd7fa98dc7f441dde603024aa79ddd781521c85dd33b93
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
7e436efe4ae1cd0ebb3e5fef30ea54de8151e1dfabd9cdc0abe1b87e7b216183
7f3300b622d75ac47835fbabadc40226e1aefd7f5515d54d7654f3c69b4447d7
810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635
815a5ab6cbd87d88a2b63046bb14f985e55af8fdbcb801262405ddc184c6f1d2
82c3ed6ff4ab2a922e388aa0ae0894d86036393ebff63f2e7e74efa9f708cad5
83927a60099c70a47fad6b301c4856d8d50dcd99e1183171946c52bf662640c4
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8473797be0b563e1c92469932dd814fa7c88385bb5821effa6e5be11c2195405
8479b571451bd702b716cd878fba60c3468d16eb11d952ee5be3316ac7d17633
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86c269f58ff013e4c961ae50583e44adfd794f0d415030a549cf2f92db0295b3
8773f887e6d0472f166df5c8d38f43a81ac55d5174ebdd9f5d9fb6e53961fa8e
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972
8b659f72017df1d6cdc07307be915ec445d7640648eda9f055cffa10dafdc722
8c247b384ea13074aeeab8f5b587a62da3b1e02bfa19e85b0406b48359d3e956
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f3fe04b37590b24ec4c7edf763d19a8ee1c626674f16f1ba917708c2ffed879
8f8612f9c5dd788cd2a7985006199d0363f9c92d2c8015d1e2c337584f6d0e02
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
907af162f672cea1650def46927f38c924ad384a97d70cbfeba3112a94b7240a
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93295644da9af673ecf074ce2a3962f685662b6f69c498a77a37e4708b84ce5b
96365d0efa97cf43a947425785b2bad3f7eb518f6222143d2674cbf29fe92d3a
986036fffea7b52937718badd063cc28a6da29792e6df5c0176b302008928381
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9eec64368167047f9d996ee210b6d3bb01980aabadd30d0c9a65c6ed78bbd35e
9ef5c9fc195c8285626f31941962c165336f0fb8d0fe7b86fd52adb5b723d1e8
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d
a01130d5e5f062ceef312075d64ca5ad02b0dad67af3bd81348efda12411e145
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a41dcbd329d868e05e5e9858ff37d168c8d12aeed21067576e474c82bd20f4
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f6eb33e5d0784424c50928f052711173632c101554554bf74bc34fab4de995
a2659a2bec3dd8d1ce6ca6fa09cb226521d7dd8c45f16cc1adce4aaddf239325
a2f3c2b861602e257b40d68be8f7b80fd70b0c28e28705e92d414c1045483483
a3188fa63b352a6bc9ebeca3bc23abb61b390c969dda21ecde5f40b4a6f14a76
a49ecc05f153263a91710b4e50cf77a9bdb2a859767845a557ca0f93c45ad0c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56ca824f325531658f14b5c5b6c336391302b26fb4434782b0a43846f33d883
a594538bb4d61b11243241a09f6220621d84489370e055fec96138e308f0db29
a7f657e5262ea0d6577c5ba7ebcac570c49c310cb8db32db4645df90dc8ebad0
a92612b9748a86d86668384da155e92c39074bde96917e864157360085f35fc6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa6f4107b5a29a1b3d1e0fb085191dcd7d8bb9497ae061d1e1304abd20891f86
ad9c0d622fbba508019a4449cd560b501fd1c1367a117e43f806ad5747dcb2e1
adc5388e0bc37ecebea45b7d45e1a62eeb1bc46e796432f78efb188d85457cb8
adc8fc28b66827d96a76ac5be9c44ccea9d61249418820bedd9092c16775ac3a
adde15e03c4f9a9191ba7326ad2e533f339e2dffc96dba666a058d4857879c46
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736
ae16bee9c431d5b877d4cf223f954c678220ec0abd3506e2b14224ab26f3fa83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d8189f87b428e1e35303478ce05cf5100756c6deaf1e8517be0c2d5554c87c
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b6d89e3b5fe9105c2adc070949d5b9f61a63700b8227950e4ea732b1c5699519
b740943c9b48e08e798cb5d60e05c7a80c02fd526b98d7a38b6ab5a67ae03987
b74ce8a781ecffde124a21eb07c907773a6b628363a4e587602ded04b7ed2312
b8ad4278ed4c39bc927c9d53c8d527f89c1ebde36ee0a8ae1a6ddbc14e368dcc
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba07a6fa7d7cc4f6b5b28a85169014124073cd45e8673785154d9710624acbc0
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf63cb4a4b9e5bfa7166ac88710acacdc7bfa0e1a6b14b218838bb08b622eee2
bfa2c0fdfc43225f1a7250a9a307e790762e95ce1270aa20f5f54ddbfdcf6118
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269
c0c23011858c549a6b44a63b806ad7d903442196065e04fba6199c97a30675b2
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e
c1d65d6de0430a4dc3a6ec3d3df2692c9a50b4fb1000ef7cb6821c86e3f6ef35
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
c2322faff70a276fa917b8e3ea8991765c705bc2cbc496c31452360b7b7861e6
c29fb37699996df1d4eb577635c7e9a2b159abf4e95fd99101ddd20f421f5d63
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6
c47b97eaf101991fd9e5cdfce392e1dafb9fe99585e757c4865447772753b3a8
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c71cfdc5d8624558e2cc670a0dfacfca40f7bafd4f1393ed067e4e381ad8e6e5
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4
cdc6a672e24d84d0277383399879fb8a1d6e02cf7f1fab4fe2a31aa173ad9faf
ceaae9923dca5b17e98396a3ed20b875f581afe2aa92f7d01a01d03b393017c8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0d66802557812dd25242f4e6d136a16f527e374c83382f9d67efe1109d824dc
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d18621f7385067fcfd7ddf9af42da75c9026a0d74be6db9580f5fbe6bf73dbce
d2579feb979f2311843dc741b08fdaaf1a35997ada17ccea6d527193319aaad2
d3d0cdfe519a741e15c2d98c860903b2b38f55cf48c4b3b5f2185e3b09cd7496
d451478e68967318296d36228990231513bc7f5e5de8c11d825f8061a4e5e6cd
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b
d6d562a46bb2bb71db0358cadf8e9ee6037d64fe8b8bb2f2954756d417875e1f
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
d9f19c66edf7895c612ae203a0d4171903c65085f6bc421dbf73dc3db5485eeb
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
db4d184c4aaba281b76d4a58fe4575358acd4dd2a2ed9e4be34d54d232b80cad
dbe0cf6b50ec23fd38afc516f0b26906780ec018276247a735f51a47a7aa76fb
dd0377ec36b97a4a5f62afa27cdcded344619ab365e8af6614afafeea3f67a00
dfe0de6e117fe3ddc32d7d5bc796bc279a336a4a70f8236eb9a45f743fad8e6f
e203e224e5db4d6614a7dab7c0e6f5b41be1b480d0c0729000b30186c9e97a9a
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ebfef0ef54cf28346421dd778b04c8d999bce8c1eb4da217f19a450c238c37
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4bb9e0506f58f5253017c1d860a7371ab1488d2c23e3002f4c230ce19fa7cf6
e75ed43041906d7a1a30057773711c90085183a5f4563f5279cfb0519a3c4ed8
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
e8e57e40e378e737e9282a9277113181f7732e6e318191b730f96cd98ba59d5c
e9057d99542450055cbb5d820a5b75a89962373480c2279cba701d077ced4bb7
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449
ebe43817c43c329b2bcf2d0c367782a3085ca9afe0134f56c778be2dfc5bd4d2
ebf831c917cc19797fad0a9243ad955a1f6e57183ad27c2ac123cecb29782bd7
ec23fa82b800082a70a0f1c0ba6d020cfc6e6f0c2c88bad68ae9be93394d5d0e
ed0b2c57fb48529e74ca3a15d008d2e9b478c42fe41600fb31393befbd5204dd
ed5a11894c21c008675badc52c7d06a2b7c37789074ea71fad33c3f449048d1e
ed79ab516c86cb0b3da37d48ebca6f7b1f0b979325cb02db26bf5208cf00dbd9
ee446e8dcd6206ed36314f4b52989124db0630f1a7aa8fe5699c6c2a5130975d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f054bf0870f8a7262d7c6a7c35cb1ceb67823f501c4bf19b8389849fe3cf9838
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2748fdac882bab3f3e1215e9946e0bb4a1b8a1af4c9a6b124e86ceda52ec531
f3039063bdeeddc487f9a6e8f625e1a10c8a37ec37e2707a3a3835aba0fc8686
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
f4874e24c594ec34fd238395daec75e730757fcaaac67c0f6bd04a065b04857e
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a
f62d5f0004cf17df8c41fb5d26e38731b0878d051196ef21eb4d617046bae912
f70a3c973f99e3eed2f2701a107958a41429a7891f2676326fb755b68c164452
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317
f9cae5cdc6c79866685dfd722cb90c811b63814e1832e3b3f581fc334f01f44e
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9
fd2d931747f474519f0b61a2cc093cf55b6345f55c5248e56eb70049de3fdef4
fd42eb21f950a6ebd0e3eb2b9194232ddb6e1421fab1503b03a6d16a7476aecc
fe4258b181fd1adeaa931c5ab02f246a3ff5fda3be34220d82a62cf2c7fdb9aa
ff2fba31cf312d105355e295fef5f3579ea90d5662299a06036f419d32872eb4
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914