novynarnia.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Submission Tags: falconsandbox
Submission: On July 14 via api (July 14th 2022, 12:54:05 am UTC) from US — Scanned from DE

Summary HTTP 135 Redirects Links 56 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 135 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is novynarnia.com.
TLS certificate: Issued by R3 on May 23rd 2022. Valid for: 3 months.

This is the only time novynarnia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
20	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.139.243.27 151.139.243.27	33438 (STACKPATH) (STACKPATH)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
7	159.69.174.59 159.69.174.59	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	159.69.174.229 159.69.174.229	24940 (HETZNER-AS) (HETZNER-AS)
8	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f05... 2a03:2880:f058:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
135	23

39 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

novynarnia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

misto.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.243.27 (United States)

ASN33438 (STACKPATH, US)

static-login.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 159.69.174.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.59.174.69.159.clients.your-server.de

ua.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.174.229 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.174.69.159.clients.your-server.de

fixidle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 4 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f058:f:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)

scontent-lhr8-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	novynarnia.com novynarnia.com	516 KB
18	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 553 scontent-lhr8-1.xx.fbcdn.net — Cisco Umbrella Rank: 8628	939 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	246 KB
13	misto.travel misto.travel	33 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	183 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 138	38 KB
7	redtram.com ua.redtram.com — Cisco Umbrella Rank: 376626 img.redtram.com — Cisco Umbrella Rank: 478289	68 KB
6	facebook.com 4 redirects www.facebook.com — Cisco Umbrella Rank: 96	47 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	2 KB
3	fixidle.com fixidle.com — Cisco Umbrella Rank: 186433	8 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69 region1.google-analytics.com — Cisco Umbrella Rank: 2603	20 KB
3	sendpulse.com static-login.sendpulse.com — Cisco Umbrella Rank: 444650	30 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	90 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 6937 www.google.de — Cisco Umbrella Rank: 4915	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	110 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 258	14 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	43 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	646 B
135	19

	Domain	Requested by
39	novynarnia.com	novynarnia.com
17	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
13	misto.travel	novynarnia.com misto.travel
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	novynarnia.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.facebook.com	4 redirects connect.facebook.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	ua.redtram.com	novynarnia.com ua.redtram.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fixidle.com	ua.redtram.com fixidle.com
3	www.google.com	1 redirects novynarnia.com tpc.googlesyndication.com
3	static-login.sendpulse.com	novynarnia.com static-login.sendpulse.com
3	connect.facebook.net	novynarnia.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	novynarnia.com googleads.g.doubleclick.net
2	www.googletagmanager.com	novynarnia.com www.googletagmanager.com
1	scontent-lhr8-1.xx.fbcdn.net	www.facebook.com
1	cdnjs.cloudflare.com	static-login.sendpulse.com
1	img.redtram.com	novynarnia.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.de	novynarnia.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
135	27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.president.gov.ua
www.patreon.com
t.me
www.instagram.com
client.redtram.com
ua.redtram.com
misto.travel
sendpulse.com

Subject Issuer	Validity	Valid
novynarnia.com R3	`2022-05-23` - `2022-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-22` - `2022-07-21`	3 months	crt.sh
misto.travel Cloudflare Inc ECC CA-3	`2022-05-02` - `2023-05-02`	a year	crt.sh
*.sendpulse.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-29` - `2022-10-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.redtram.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-31` - `2023-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
fixidle.com R3	`2022-07-07` - `2022-10-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Frame ID: CD4E59626FFC7CCEC6E35CA27B5B389C
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: E1559069BBC92DF35D9CFE617EAA93C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8691795427544580&output=html&adk=1812271804&adf=3025194257&lmt=1657760039&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657760039153&bpp=2&bdt=423&idt=247&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7110021202915&frm=20&pv=2&ga_vid=40300359.1657760039&ga_sid=1657760039&ga_hid=482204828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C31068226%2C44768689&oid=2&pvsid=1175129764789150&tmod=1000719069&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=263
Frame ID: 15B5DF38D91BC34CE60AFB3DCD60CCCF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8691795427544580&output=html&h=90&slotname=8148275804&adk=1857911984&adf=2665882539&pi=t.ma~as.8148275804&w=880&lmt=1657760039&psa=0&format=880x90&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657760039155&bpp=1&bdt=425&idt=268&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7110021202915&frm=20&pv=1&ga_vid=40300359.1657760039&ga_sid=1657760039&ga_hid=482204828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=360&ady=46&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C31068226%2C44768689&oid=2&pvsid=1175129764789150&tmod=1000719069&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=40Hhzxqm5J&p=https%3A//novynarnia.com&dtd=274
Frame ID: 98C2D709EE99B99F58D8EDFAE80629F9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7C495817ABCD80A4B60D376AC0FE7B0B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=http%3A&locale=de_DE&numposts=5&sdk=joey&title=%E2%80%9C%D0%A5%D1%82%D0%BE+%D0%B7+%D0%BD%D0%B0%D1%81+%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D+%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0+%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8+%D0%BD%D0%B0+58-%D0%B9+%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9+%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97+%D0%B7+%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C+%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&version=v10.0&width=NaN&xid=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F
Frame ID: F1A01A5C6109D7FB1B8E8A7CD401578E
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js
Frame ID: F1C5557CB4D42E0A93BD935D0C586245
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 16DDB8D213D07199A9FCCB742E2C031C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BE0F47F4591E4EBD0FD6CD1B104B10E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

“Хто з нас бреше?” Промова президента України на 58-й Мюнхенській конференції з питань безпеки

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

135
Requests

100 %
HTTPS

82 %
IPv6

19
Domains

27
Subdomains

23
IPs

4
Countries

2421 kB
Transfer

6475 kB
Size

9
Cookies

56 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Novynarnia/

Search URL Search Domain Scan URL

URL: https://twitter.com/Novynarnia

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCP4-EHo95N1itjsHcm-IR-Q

Search URL Search Domain Scan URL

URL: https://www.president.gov.ua/news/vistup-prezidenta-ukrayini-na-58-j-myunhenskij-konferenciyi-72997
Title: пресслужба президента

Search URL Search Domain Scan URL

URL: https://www.patreon.com/Lykhovii
Title: через сервіс Patreon

Search URL Search Domain Scan URL

URL: https://t.me/Novynarnia
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/novynarnia/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://client.redtram.com/exchange/?ref_id=23300

Search URL Search Domain Scan URL

URL: https://ua.redtram.com/cp/611756410/n4p/37763/?q=273afaeb8d80978d5d38a0f1d9a2d5c655e1c2ac7e34a3941283f2d795b6832e&tmload=1657760039&pos=1&ref=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F&ref2=&rtuid=5af71c908b62099984d6a137028ce916

Search URL Search Domain Scan URL

URL: https://ua.redtram.com/cp/611780505/n4p/37763/?q=273afaeb8d80978d5d38a0f1d9a2d5c655e1c2ac7e34a3941283f2d795b6832e&tmload=1657760039&pos=2&ref=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F&ref2=&rtuid=5af71c908b62099984d6a137028ce916

Search URL Search Domain Scan URL

URL: https://ua.redtram.com/cp/611799482/n4p/37763/?q=273afaeb8d80978d5d38a0f1d9a2d5c655e1c2ac7e34a3941283f2d795b6832e&tmload=1657760039&pos=3&ref=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F&ref2=&rtuid=5af71c908b62099984d6a137028ce916

Search URL Search Domain Scan URL

URL: https://misto.travel/?aid=13P92Y.wghot

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=115&aid=13P92Y.wghot
Title: Туреччина 64 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=13&aid=13P92Y.wghot
Title: Болгарія 73 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=43&aid=13P92Y.wghot
Title: Єгипет 74 $

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=10&aid=13P92Y.wghot
Title: Албанія 74 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=135&aid=13P92Y.wghot
Title: Чорногорія 94 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=34&aid=13P92Y.wghot
Title: Греція 96 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=49&aid=13P92Y.wghot
Title: Іспанія 122 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=134&aid=13P92Y.wghot
Title: Хорватія 125 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=48&aid=13P92Y.wghot
Title: Італія 168 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1533&country=99&aid=13P92Y.wghot
Title: Португалія 185 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1581&country=13&aid=13P92Y.wghot
Title: Болгарія 168 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1581&country=115&aid=13P92Y.wghot
Title: Туреччина 216 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1581&country=135&aid=13P92Y.wghot
Title: Чорногорія 218 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1581&country=48&aid=13P92Y.wghot
Title: Італія 294 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1581&country=34&aid=13P92Y.wghot
Title: Греція 315 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1581&country=10&aid=13P92Y.wghot
Title: Албанія 450 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1582&country=13&aid=13P92Y.wghot
Title: Болгарія 176 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1582&country=115&aid=13P92Y.wghot
Title: Туреччина 270 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1582&country=10&aid=13P92Y.wghot
Title: Албанія 282 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1582&country=135&aid=13P92Y.wghot
Title: Чорногорія 282 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1582&country=48&aid=13P92Y.wghot
Title: Італія 294 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1585&country=115&aid=13P92Y.wghot
Title: Туреччина 182 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1585&country=135&aid=13P92Y.wghot
Title: Чорногорія 342 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1585&country=43&aid=13P92Y.wghot
Title: Єгипет 435 $

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1585&country=34&aid=13P92Y.wghot
Title: Греція 437 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1583&country=115&aid=13P92Y.wghot
Title: Туреччина 253 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1749&country=115&aid=13P92Y.wghot
Title: Туреччина 420 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1749&country=34&aid=13P92Y.wghot
Title: Греція 520 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1735&country=34&aid=13P92Y.wghot
Title: Греція 443 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1735&country=115&aid=13P92Y.wghot
Title: Туреччина 470 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1746&country=115&aid=13P92Y.wghot
Title: Туреччина 512 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1746&country=34&aid=13P92Y.wghot
Title: Греція 520 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1538&country=135&aid=13P92Y.wghot
Title: Чорногорія 526 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1535&country=135&aid=13P92Y.wghot
Title: Чорногорія 542 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1535&country=115&aid=13P92Y.wghot
Title: Туреччина 619 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1537&country=10&aid=13P92Y.wghot
Title: Албанія 610 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1537&country=34&aid=13P92Y.wghot
Title: Греція 686 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1537&country=115&aid=13P92Y.wghot
Title: Туреччина 696 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1537&country=43&aid=13P92Y.wghot
Title: Єгипет 792 $

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1536&country=115&aid=13P92Y.wghot
Title: Туреччина 619 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1536&country=34&aid=13P92Y.wghot
Title: Греція 688 €

Search URL Search Domain Scan URL

URL: https://misto.travel/index.php?mod=page&id=14819&city=1534&country=115&aid=13P92Y.wghot
Title: Туреччина 689 €

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Novynarnia/?fref=nf
Title: https://www.facebook.com/Novynarnia

Search URL Search Domain Scan URL

URL: https://sendpulse.com/ru/forms-powered-by-sendpulse?from=6975345
Title: Provided by SendPulse

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 110

https://www.facebook.com/v10.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1721d208caafa%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&locale=de_DE&numposts=3&sdk=joey&version=v10.0&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1721d208caafa%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&locale=de_DE&numposts=3&sdk=joey&version=v10.0&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1721d208caafa%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&locale=de_DE&numposts=3&sdk=joey&version=v10.0&width=550

Request Chain 111

https://www.facebook.com/v10.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=http%3A&locale=de_DE&numposts=5&sdk=joey&title=%E2%80%9C%D0%A5%D1%82%D0%BE%20%D0%B7%20%D0%BD%D0%B0%D1%81%20%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D%20%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D0%BD%D0%B0%2058-%D0%B9%20%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97%20%D0%B7%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C%20%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&version=v10.0&width=NaN&xid=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=http%3A&locale=de_DE&numposts=5&sdk=joey&title=%E2%80%9C%D0%A5%D1%82%D0%BE+%D0%B7+%D0%BD%D0%B0%D1%81+%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D+%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0+%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8+%D0%BD%D0%B0+58-%D0%B9+%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9+%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97+%D0%B7+%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C+%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&version=v10.0&width=NaN&xid=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=http%3A&locale=de_DE&numposts=5&sdk=joey&title=%E2%80%9C%D0%A5%D1%82%D0%BE+%D0%B7+%D0%BD%D0%B0%D1%81+%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D+%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0+%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8+%D0%BD%D0%B0+58-%D0%B9+%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9+%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97+%D0%B7+%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C+%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&version=v10.0&width=NaN&xid=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F

135 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
novynarnia.com/2022/02/19/vystup-prezydenta-munchen/ 118 KB
26 KB 888ms
841ms Document
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: eae6afacc70427c1fbe820feb72bba66cd7526cc5c65afc2fe148c07152bae9d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72a648ccc9519972-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 00:53:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://novynarnia.com/wp-json/>; rel="https://api.w.org/" <https://novynarnia.com/wp-json/wp/v2/posts/315016>; rel="alternate"; type="application/json" <https://novynarnia.com/?p=315016>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://novynarnia.com/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 dashicons.min.css
novynarnia.com/wp-includes/css/ 58 KB
35 KB 38ms
35ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-includes/css/dashicons.min.css?ver=5.9.3
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
age: 4338506
etag: W/"603ffca6-e688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21df19972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend.css
novynarnia.com/wp-content/plugins/post-views-counter/css/ 289 B
266 B 49ms
47ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.6
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 20:09:28 GMT
server: cloudflare
age: 7971361
etag: W/"61537678-121"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21df39972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 grid.min.css
novynarnia.com/wp-content/themes/novynarnia/assets/css/ 63 KB
8 KB 33ms
31ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/css/grid.min.css?ver=1.0
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ada19495a6822389761a843a7312c7f0e0ee0d3c2e4152fd454d3ab12be90fac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 19:46:35 GMT
server: cloudflare
age: 7971402
etag: W/"6146421b-fd5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21df59972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
novynarnia.com/wp-content/themes/novynarnia/ 665 B
504 B 36ms
34ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/themes/novynarnia/style.css?ver=1.0
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b9a39b97149959b2b52ecdf58be12fafb39a9d83f3003d16c1a2a693dbfbbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 21:26:33 GMT
server: cloudflare
age: 7971401
etag: W/"61465989-299"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21df69972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-min.css
novynarnia.com/wp-content/themes/novynarnia/assets/css/ 23 KB
5 KB 50ms
48ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/css/style-min.css?ver=1.0
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71dfd5ad9c96c84042407093ec44693a59ee235080c98079ce48222372214e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Oct 2021 18:39:35 GMT
server: cloudflare
age: 5723500
etag: W/"616c6de7-5c94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21df79972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 thickbox.css
novynarnia.com/wp-includes/js/thickbox/ 3 KB
1 KB 36ms
35ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-includes/js/thickbox/thickbox.css?ver=5.9.3
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Oct 2020 02:25:09 GMT
server: cloudflare
age: 4338506
etag: W/"5f963385-a63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21df89972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 front.css
novynarnia.com/wp-content/plugins/super-socializer/css/ 75 KB
20 KB 34ms
33ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/super-socializer/css/front.css?ver=7.13.26
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e6c2794aacc6f4ece40ba67a391855b77a71a889e7bc61fa246a71792641f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 18:28:38 GMT
server: cloudflare
age: 7971402
etag: W/"61535ed6-12b23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21df99972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 share-svg.css
novynarnia.com/wp-content/plugins/super-socializer/css/ 101 KB
31 KB 49ms
47ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/super-socializer/css/share-svg.css?ver=7.13.26
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686a984a5a1b7f770a8f446487028a504259711778820c4d3332674d65d59438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 18:28:38 GMT
server: cloudflare
age: 7971402
etag: W/"61535ed6-193fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21dfa9972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
novynarnia.com/wp-includes/js/jquery/ 87 KB
31 KB 49ms
48ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: cloudflare
age: 7971402
etag: W/"6048e0ac-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21dfc9972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
novynarnia.com/wp-includes/js/jquery/ 11 KB
4 KB 49ms
48ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
age: 7971402
etag: W/"5fb4e3fe-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d21dff9972-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 137ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-72289807-1

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca380312a4f8f9c286b1322316ea8c8381f5fedf7c97440fcfee1f9c4e76aab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41266
x-xss-protection: 0
expires: Thu, 14 Jul 2022 00:53:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 143ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8691795427544580

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0505a427d2ac12ddd8c1ce970f3312b465bcf3d45b1aba001ca5c55be5618333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novynarnia.com/
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56535
x-xss-protection: 0
server: cafe
etag: 252438383342368973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 00:53:59 GMT

GET
H3 200 logo-nov.jpg
novynarnia.com/wp-content/themes/novynarnia/assets/images/ 25 KB
25 KB 36ms
35ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/images/logo-nov.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33cd68c65979017f1aa284e5f84677460493f695b7dbf1164710fca262cd6ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
cf-cache-status: HIT
age: 99316
cf-polished: origFmt=jpeg, origSize=42160
content-disposition: inline; filename="logo-nov.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25484
last-modified: Sun, 19 Sep 2021 14:02:54 GMT
server: cloudflare
etag: "6147430e-a4b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d35cb55c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 search-icon.png
novynarnia.com/wp-content/themes/novynarnia/assets/images/ 606 B
939 B 63ms
62ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/images/search-icon.png
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6742619cceb7dfde60e807b23d59825185cd2f4f2f5cdcc36cf214d706c9cac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
cf-cache-status: HIT
age: 98192
cf-polished: origFmt=png, origSize=2041
content-disposition: inline; filename="search-icon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 606
last-modified: Sat, 18 Sep 2021 19:46:35 GMT
server: cloudflare
etag: "6146421b-7f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d35cb65c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 vystup-volodymyra-zelenskogo-myunhen.jpeg
novynarnia.com/wp-content/uploads/2022/02/ 71 KB
71 KB 123ms
122ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/02/vystup-volodymyra-zelenskogo-myunhen.jpeg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5fb8698f9688c4f1c4a38a4fc8903509876fc645d734d5719f26ffc8d98eefd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: MISS
last-modified: Sat, 19 Feb 2022 16:50:39 GMT
server: cloudflare
etag: "62111fdf-11b15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d35cb75c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72469

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 27ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdf5b6f8ce205cce9f1dae0340abf9c255aa2e1af8e4232e63d4f3ccc1247f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://novynarnia.com/
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Bb99yOm9V37rkPm1Rvxwjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: iRfpyx5o1zhMxh1Xk45sZETf/o8Q4pXdjdM63XmF3fANghtFTNShkUuJOK/KfANUAFYx83+/sKXdx30jQ5GL7A==
x-fb-trip-id: 917726464
x-fb-content-md5: 15cebf23d1a76b50088a8a14bab746c6
x-frame-options: DENY
date: Thu, 14 Jul 2022 00:53:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "1e5673a4912e2da5672735066097c876"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Jul 2022 00:57:21 GMT

GET
H2 200 promowghot.js Show response
misto.travel/templates/js/ 6 KB
2 KB 160ms
62ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://misto.travel/templates/js/promowghot.js?aid=13P92Y.wghot&w=340&h=520&b=%23d82f1b&c=%23ffffff&t=%D0%93%D0%B0%D1%80%D1%8F%D1%87%D1%96%20%D1%82%D1%83%D1%80%D0%B8&f=%23d82f1b&cf=%23ffffff&gc=%23161515&gw=5&r=10&l=on&lb=%23121111&lt=w&ln=ua

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1cdd2a07176f0e7efc0cfe9fc40d93072f9ecb95d8d4b6c21ee7a55eec81daa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6315
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: W/"62753a88-18e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5JHHTmL4iXHcg1tbIONFDyOBp0C%2FuUrAuoVigWLGhZjcOFSzbNm1r%2FtgP%2F%2FbTXqUSrox4SEAdCESGDSkQ1kI%2FnXYKEoufWtq02Mgfmrfz7ZWjmAu6KoNVewBf32RVYODd33P4Ff8NP3zIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 72a648d31b57bb38-FRA

GET
H2 200 default-handler.js Show response
static-login.sendpulse.com/apps/fc3/build/ 19 KB
7 KB 57ms
7ms Script
application/javascript 151.139.243.27
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://static-login.sendpulse.com/apps/fc3/build/default-handler.js?1536679416634
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.27 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: fb847daa088a8611168d1ad60aa47c8ba9597d387c0e030348d33261e60c2de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 09:50:36 GMT
server: nginx
etag: W/"6294936c-4d01"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr9
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 15 Jul 2022 00:53:58 GMT

GET
H3 200 frontend.js Show response
novynarnia.com/wp-content/plugins/post-views-counter/js/ 1 KB
710 B 35ms
33ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/post-views-counter/js/frontend.js?ver=1.3.6
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba3c4e09d6e395f89c88dbbe098366ca9134083506bf88004204080da5ba53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 20:09:28 GMT
server: cloudflare
age: 7968622
etag: W/"61537678-434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d35ca85c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 script.js Show response
novynarnia.com/wp-content/themes/novynarnia/assets/js/ 870 B
615 B 51ms
48ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/js/script.js
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2d7b293e15a8e8ddfb557926224bbcb748ca0e0262830cdfd5faa49cb05995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 19:46:35 GMT
server: cloudflare
age: 7971402
etag: W/"6146421b-366"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d35caa5c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 general.js Show response
novynarnia.com/wp-content/plugins/super-socializer/js/front/social_login/ 1 KB
947 B 51ms
49ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/super-socializer/js/front/social_login/general.js?ver=7.13.26
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdbc00de393216f6118f704088accc9ebddd220480741d5ed088c01f46f84088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 18:28:38 GMT
server: cloudflare
age: 7971402
etag: W/"61535ed6-599"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d35cad5c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 common.js Show response
novynarnia.com/wp-content/plugins/super-socializer/js/front/social_login/ 4 KB
2 KB 51ms
49ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/super-socializer/js/front/social_login/common.js?ver=7.13.26
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec350f27c692550eceb6e8f5fdfc7804df39f8f11577aa559db153f4e32512c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 18:28:38 GMT
server: cloudflare
age: 7971402
etag: W/"61535ed6-10e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d35caf5c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 thickbox.js Show response
novynarnia.com/wp-includes/js/thickbox/ 13 KB
4 KB 52ms
49ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 10:54:06 GMT
server: cloudflare
age: 7971402
etag: W/"6034dece-338a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d35cb05c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sdk.js Show response
novynarnia.com/wp-content/plugins/super-socializer/js/front/facebook/ 2 KB
965 B 36ms
34ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.13.26
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e11559d9147a5046acecaadbee2fc61ad0c68a30bca5cf08f4e6704caacde66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 18:28:38 GMT
server: cloudflare
age: 7971402
etag: W/"61535ed6-7a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d35cb25c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 commenting.js Show response
novynarnia.com/wp-content/plugins/super-socializer/js/front/facebook/ 5 KB
2 KB 52ms
50ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/super-socializer/js/front/facebook/commenting.js?ver=7.13.26
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 420d5c7ee5a3e7582b7ed91343962411712a183d42a69395c4bc1fe378699f07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 18:28:38 GMT
server: cloudflare
age: 7971402
etag: W/"61535ed6-153d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d35cb35c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sharing.js Show response
novynarnia.com/wp-content/plugins/super-socializer/js/front/sharing/ 44 KB
12 KB 52ms
50ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://novynarnia.com/wp-content/plugins/super-socializer/js/front/sharing/sharing.js?ver=7.13.26
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4228c09791fbfb34808fcceee10eae2753dddcb3b7f6659d59526b4ccd11d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 18:28:38 GMT
server: cloudflare
age: 7971402
etag: W/"61535ed6-b06e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72a648d35cb45c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 133ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Open+Sans+Condensed:300,700|Oswald:300,400,700|Alegreya:400|Ubuntu+Condensed:100,200,300,400,500,600,700,800,900|Ubuntu+Condensed:100,200,300,400,500,600,700,800,900|Ubuntu+Condensed:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/css/style-min.css?ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea89056d782cf1fff924d26911fcb90439586b986d1fcb3f263fc79190bc27ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:11:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 00:53:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 00:53:58 GMT

GET
H2 200 / Show response
ua.redtram.com/j/37763/ 20 KB
6 KB 728ms
12ms Script
application/javascript 159.69.174.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.redtram.com/j/37763/
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 1799f4d95d568d484ce084688ff988ea68b2a9b60ca576a84f357ae8f24cb34a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 07:25:02 GMT
server: nginx/1.18.0
etag: W/"62b1724e-4e1b"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
expires: Fri, 15 Jul 2022 00:53:59 GMT

GET
H3 200 social-buttons.png
novynarnia.com/wp-content/themes/novynarnia/assets/images/ 3 KB
4 KB 54ms
54ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/images/social-buttons.png
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/css/style-min.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d053af154679353afaf4aa8e7aada73d9b1ce2ef6a97b11ec7c9ebd5137cd1c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/wp-content/themes/novynarnia/assets/css/style-min.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:58 GMT
cf-cache-status: HIT
age: 7971374
cf-polished: origSize=5945, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3495
last-modified: Sat, 18 Sep 2021 19:46:35 GMT
server: cloudflare
etag: "6146421b-1739"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d36cc15c5c-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 302 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 682 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 338 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 649efd3b18f3e9c03757831a8a192077b72fb32547f25d9746954c4348594aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Tfq8Ho.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/ 16 KB
17 KB 171ms
85ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Tfq8Ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Open+Sans+Condensed:300,700|Oswald:300,400,700|Alegreya:400|Ubuntu+Condensed:100,200,300,400,500,600,700,800,900|Ubuntu+Condensed:100,200,300,400,500,600,700,800,900|Ubuntu+Condensed:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4627acba7d2699a6e0ed65aa44db5581ae3f0df45d5fd38d5f7bfc2e385cdf8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 08:47:32 GMT
x-content-type-options: nosniff
age: 144387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 08:47:32 GMT

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/ 29 KB
29 KB 206ms
120ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:42:00 GMT
x-content-type-options: nosniff
age: 18719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29252
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:42:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 122ms
36ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 218241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 12:16:38 GMT

GET
H2 200 4UacrEBBsBhlBjvfkQjt71kZfyBzPgNG9hU4-6qj.woff2
fonts.gstatic.com/s/alegreya/v29/ 20 KB
20 KB 183ms
97ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UacrEBBsBhlBjvfkQjt71kZfyBzPgNG9hU4-6qj.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcbb0a9f261b7fbda3444357742c7e55fd34aa851cbb2b8ab7fc90852d5a3f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 13:36:29 GMT
x-content-type-options: nosniff
age: 40650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20228
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 13:36:29 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 24 KB
24 KB 184ms
110ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 17:48:55 GMT
x-content-type-options: nosniff
age: 198304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 17:48:55 GMT

GET
H3 200 sukachi-rybalky_2-620x400.jpeg
novynarnia.com/wp-content/uploads/2022/07/ 42 KB
42 KB 49ms
45ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/sukachi-rybalky_2-620x400.jpeg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3d060b79d7840d1dbe3377a8ca221dad33dd0c30313449b7794525351611cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 14471
cf-polished: origSize=44246, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42771
last-modified: Wed, 13 Jul 2022 20:42:48 GMT
server: cloudflare
etag: "62cf2e48-acd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3cd0b5c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 maryna-vyazovska-300x194.jpg
novynarnia.com/wp-content/uploads/2022/07/ 10 KB
11 KB 52ms
49ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/maryna-vyazovska-300x194.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e03632e85c8f796ff8be7c261207a54dcdd582c3115d2d10fdb09818121135e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 19234
cf-polished: origSize=10736, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10657
last-modified: Wed, 13 Jul 2022 19:21:40 GMT
server: cloudflare
etag: "62cf1b44-29f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3cd0d5c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 peregovory-iz-zernovoyi-kryzy-stambul-85x54.jpg
novynarnia.com/wp-content/uploads/2022/07/ 2 KB
2 KB 53ms
50ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/peregovory-iz-zernovoyi-kryzy-stambul-85x54.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 849c5a11991b2d99550b8590d19f6b0cefc9fe6a881f205765b21742fce78e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 18628
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2212
last-modified: Wed, 13 Jul 2022 19:01:24 GMT
server: cloudflare
etag: "62cf1684-8a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3cd0e5c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 Kim-CHen-In-KNDR-REUTERS.jpg
novynarnia.com/wp-content/uploads/2017/08/ 79 KB
80 KB 32ms
29ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2017/08/Kim-CHen-In-KNDR-REUTERS.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c992bcc83fec9a870d84f177e4e2c3e8b1610c5a9d2718379b24d4ad1c5e0d69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 27731
cf-polished: origSize=82798, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81339
last-modified: Tue, 02 Mar 2021 20:03:38 GMT
server: cloudflare
etag: "603e9a1a-1436e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3cd0f5c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 sud-v-odesi-85x54.jpeg
novynarnia.com/wp-content/uploads/2022/07/ 2 KB
2 KB 76ms
73ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/sud-v-odesi-85x54.jpeg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d185ce818cfc3cc09ca3a6098d1997d6732d8c85f2883cbb7d50e794ce7607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 38981
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1874
last-modified: Wed, 13 Jul 2022 13:37:12 GMT
server: cloudflare
etag: "62ceca88-752"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3cd105c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 zerno-300x199.jpg
novynarnia.com/wp-content/uploads/2021/09/ 22 KB
22 KB 76ms
73ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2021/09/zerno-300x199.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e03ddb7b036f7dfe29141a1c818bd8384a727836f62da7f7f345e8b9f56f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 43469
cf-polished: origSize=23734, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22308
last-modified: Mon, 20 Sep 2021 10:35:29 GMT
server: cloudflare
etag: "614863f1-5cb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3cd125c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 sudna-u-dunayi-85x54.jpg
novynarnia.com/wp-content/uploads/2022/07/ 2 KB
2 KB 79ms
76ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/sudna-u-dunayi-85x54.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fc058eeb3781e05993b00ed0fad30fd1393ad439185bda5c8831b958e9330b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 46285
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1693
last-modified: Wed, 13 Jul 2022 11:52:53 GMT
server: cloudflare
etag: "62ceb215-69d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3cd135c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 anton-yanchuk-85x54.jpg
novynarnia.com/wp-content/uploads/2022/07/ 2 KB
2 KB 80ms
77ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/anton-yanchuk-85x54.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226c051f6ac874100e2f8b3ab8a25f54ea9e24811549fb283f92754fe34eae40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 50380
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1713
last-modified: Wed, 13 Jul 2022 10:52:31 GMT
server: cloudflare
etag: "62cea3ef-6b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3cd145c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 index.php Show response
misto.travel/ 21 KB
3 KB 223ms
205ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://misto.travel/index.php?mod=search&cmd=promowghot&lang=ua

Requested by

Host: misto.travel
URL: https://misto.travel/templates/js/promowghot.js?aid=13P92Y.wghot&w=340&h=520&b=%23d82f1b&c=%23ffffff&t=%D0%93%D0%B0%D1%80%D1%8F%D1%87%D1%96%20%D1%82%D1%83%D1%80%D0%B8&f=%23d82f1b&cf=%23ffffff&gc=%23161515&gw=5&r=10&l=on&lb=%23121111&lt=w&ln=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

005413e4f940495494f4b983e23756a0e1aab2e5786d5f5b5b0a6d7147bcd184

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2Ff0poJZ01OM8qVn%2FXwL1K68YsSQjIdDqo%2BmQtzC%2Bc7luq7SkR1C06OS4rITLZ%2FO46IfY18%2FotiWYlmd0wZ8pVb2WpyiHd6br7BQGyXiiqK41QxFa%2Fhnuf1%2BC8XYnOxhbHl6xbmeKXgpJA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 72a648d3f914bbf1-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk/ 3 KB
2 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk/sdk.js

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.13.26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e826e8f2ee488b700ac070e029b9b5692376cb66a6803f5bc97296849d4eca67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dc3Dpoyt3cuzDPULP8dtiA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: dYGLCh8mDqH1op8/qKrmqoc6hxePXf1dS1sKj8KEFOBgfd6DzUE/+xtf+5YG9j2EZLiHC9U7+RZkxfWVcKjpEQ==
x-fb-content-md5: c356f626e32862b81cc8b6672c6ca72f
x-frame-options: DENY
date: Thu, 14 Jul 2022 00:53:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c5e9f0058f9a8474b9e66fd852d82c03"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Jul 2022 00:55:13 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 301 KB
86 KB 19ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=e7a5b9177ee9f0c558600e19f600bf3d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

09dfb4d2c31afd554660d1c993c3dc6668338b5703e9e28a0033d8389cebcb69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://novynarnia.com/
Origin: https://novynarnia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zav/XVaGSXiQdzl3RSij8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87648
x-fb-rlafr: 0
x-fb-debug: TSljDR9ysnHgsUerItEWvYMfGGstYaYIFr/k3Sc5u37WzptUrDqt6TrJ/aRRzpfpcTs1dko2NZ5nWaZeLIX3Lg==
x-fb-content-md5: 23566e8ebdc6e2aa6fc8957127c4af5f
x-frame-options: DENY
date: Thu, 14 Jul 2022 00:53:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e6c059a1c18f035a2aec1a8ee3bf6aaa"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 14 Jul 2023 00:37:21 GMT

GET
H3 200 dark-noise.gif
novynarnia.com/wp-content/themes/novynarnia/assets/images/ 3 KB
3 KB 62ms
61ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/images/dark-noise.gif
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/wp-content/themes/novynarnia/assets/css/style-min.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8812a7032b1b669c7bc81e96748ba67ca7911c47700956d6e1c6109e1918d9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/wp-content/themes/novynarnia/assets/css/style-min.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 103614
cf-polished: origFmt=gif, origSize=4116
content-disposition: inline; filename="dark-noise.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2844
last-modified: Sat, 18 Sep 2021 19:46:35 GMT
server: cloudflare
etag: "6146421b-1014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3ed295c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 svyatoslav-vakarchuk-u-blindazhi-300x194.png
novynarnia.com/wp-content/uploads/2022/07/ 49 KB
49 KB 53ms
52ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/svyatoslav-vakarchuk-u-blindazhi-300x194.png
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5096a7113965d991bfa1bfde268f86b4a27a58f67adbdf0a2cd124edc2ff1145

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 11114
cf-polished: origFmt=png, origSize=73452
content-disposition: inline; filename="svyatoslav-vakarchuk-u-blindazhi-300x194.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50080
last-modified: Wed, 13 Jul 2022 21:24:31 GMT
server: cloudflare
etag: "62cf380f-11eec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3fd395c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 gorlivka-pryloty-85x54.jpg
novynarnia.com/wp-content/uploads/2022/07/ 2 KB
2 KB 55ms
54ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/gorlivka-pryloty-85x54.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d849575b64715164eea3cfcbd8a802456474ccac7752dfad813830289b83f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 21191
cf-polished: origSize=5768, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1851
last-modified: Wed, 13 Jul 2022 18:25:28 GMT
server: cloudflare
etag: "62cf0e18-1688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3fd3c5c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 likvidovanyj-okupant-85x54.jpg
novynarnia.com/wp-content/uploads/2022/07/ 3 KB
3 KB 55ms
54ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/likvidovanyj-okupant-85x54.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0233aa7c793c36af7714410aeba73beb3b0df799ccd34ea373364973c34cdc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 23448
cf-polished: origSize=9467, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2573
last-modified: Wed, 13 Jul 2022 18:17:06 GMT
server: cloudflare
etag: "62cf0c22-24fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3fd3d5c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 zevs-keramika-u-slovyansbku-85x54.jpg
novynarnia.com/wp-content/uploads/2022/07/ 2 KB
2 KB 55ms
54ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/zevs-keramika-u-slovyansbku-85x54.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1617d7ebe0d8360c2d0e962768217b56de1210a1b71da84bf5916c6dac3dabc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 24466
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2039
last-modified: Wed, 13 Jul 2022 17:58:25 GMT
server: cloudflare
etag: "62cf07c1-7f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3fd3f5c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 dron-kamikadze-warmate-85x54.jpg
novynarnia.com/wp-content/uploads/2022/07/ 1 KB
2 KB 55ms
54ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-content/uploads/2022/07/dron-kamikadze-warmate-85x54.jpg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1df71b431c8456970ccc30796e73eb96510506e054de1421e4561ca974285a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 25082
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1286
last-modified: Wed, 13 Jul 2022 17:45:57 GMT
server: cloudflare
etag: "62cf04d5-506"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3fd405c5c-FRA
cf-bgj: imgq:100,h2pri

POST
H3 200 admin-ajax.php Show response
novynarnia.com/wp-admin/ 0
466 B 1320ms
1320ms XHR
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://novynarnia.com/wp-admin/admin-ajax.php

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: WP Engine
cf-ray: 72a648d3fd425c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://novynarnia.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 loadingAnimation.gif
novynarnia.com/wp-includes/js/thickbox/ 5 KB
5 KB 51ms
50ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novynarnia.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32a9e55359d72ced7b4a934c2cf438f4120c5b8956ed57a04b305d1ac69bb5d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
age: 98192
cf-polished: origFmt=gif, origSize=15238
content-disposition: inline; filename="loadingAnimation.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5070
last-modified: Mon, 05 Nov 2012 21:00:15 GMT
server: cloudflare
etag: "509828df-3b86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a648d3fd4b5c5c-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
70 KB 127ms
54ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JZB3ZJ9NR0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72289807-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba354b3fd0191d7cc7df248f1b8b6131ca72f193c31761dd8e9db07e3b037ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71220
x-xss-protection: 0
expires: Thu, 14 Jul 2022 00:53:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
35ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72289807-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6482
date: Wed, 13 Jul 2022 23:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 14 Jul 2022 01:05:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ 340 KB
120 KB 149ms
70ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8691795427544580&plah=novynarnia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8691795427544580

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

700fbd987da9f43089d6700b409a4a9ff2c512e9f47ef932931ae3b981bf7b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122412
x-xss-protection: 0
server: cafe
etag: 12902021027348706050
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 00:53:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame E155 10 KB
5 KB 118ms
35ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8691795427544580

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novynarnia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 21:56:18 GMT
etag: 10429905676100781186
expires: Wed, 27 Jul 2022 21:56:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tr.png
misto.travel/templates/images/flags/ 492 B
1 KB 129ms
110ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/tr.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

292d592f7fa1df2fa653ecc1e03d5eb2ae68277c6df264f762aefb8218e23454

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 492
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-1ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skE%2F2dh%2B1KdUMg9v2Q3dPLtWjshkEbd7HofCTW7dJw%2F0L1QbvbHqBXdQEFRYya1dmP0LXlHoBgGoHBwZqj3AJWAXaQQkzhgl9Dhs1mPZ%2FBSHn8QCGEZEIaJ%2BD07oKLCw6ioNXqeLvJU6%2FHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d1d9b69-FRA

GET
H3 200 bg.png
misto.travel/templates/images/flags/ 462 B
1014 B 129ms
111ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/bg.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4838a24ad388f934b04dbf9dba02a8bc6e9e58d0a1076477b47b5987a5c2d64

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 462
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-1ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpzaU9DsF1x219jZwM4iCW%2BmjYEdOELxq%2FczR5CfIowdUhbNx33YrrHLCpwmgcz%2FWiQwMTnhXKmFZ%2F4xM%2FgQ1gFrPtAikcN6wg5fQRA5Qr8n%2BONDBu6POVmhKY%2BjPoWQGvEac1JhnTt1CE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d1e9b69-FRA

GET
H3 200 eg.png
misto.travel/templates/images/flags/ 465 B
1010 B 125ms
108ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/eg.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c44b7ce8a72720e2ab8b38b8885fca36dda04daa14ae37909bbd501d853074

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 465
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-1d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLFtZfUr%2B9N91xJ2iNtLQ00QHwRLgU5qGLU%2B8gXrzqI61TFfFVYTR8lsbY80kBtuedQY22m5sImYNX8x0lkMEIWoLq2pqum6iPvFk1xFcE9gFVkDPxWWllGilTwZMdOtXp53Ia1ZaMVEpWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d179b69-FRA

GET
H3 200 al.png
misto.travel/templates/images/flags/ 600 B
1 KB 127ms
110ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/al.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f7278c0c4272b6ff65293c18cdbb7e2e272f59dabe16619c22051d319ef44e0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 600
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aSVgaXmt%2Bt5R9ZMb7%2F8JxnD7mBkbsWtO1wnP1gfGftiUHH7atirh3%2BpicX4eivYLSqQQvQglgQPl%2FWsyIECZPFefzldQKIwpwyGvfkQgSnWc83jf0Vvc9LZtTBNCmaOSGgktDCPLkSS6Is%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d189b69-FRA

GET
H3 200 me.png
misto.travel/templates/images/flags/ 448 B
1001 B 111ms
94ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/me.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3081af04bbaf03a33b15a177af37f0e46ffdc09469bdd3200795f52626a6d693

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 448
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMsKQ486YYGRRy4uVpiDPmP15t5vKMPuCPSslJci%2Bm0H4YLxUApJ%2BSNnVcx3BKczPXL4rUr%2Fog8JIMIQtZrRMDX701WPNKR3iH%2FEu6GFr4v1GXN%2B124Bz8%2BlvxLzq2qkLrM0JcWwb%2BQPR5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d219b69-FRA

GET
H3 200 gr.png
misto.travel/templates/images/flags/ 487 B
1 KB 129ms
112ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/gr.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5648d2078756ae0b084312c46b02d82905cd9fb84262267cafcf9b71828ac358

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 487
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-1e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0Kl%2FGBTsfKZjGdaM19Kp7cF4wZ8paEWNVycggKVbl4XjN%2FNOpezV6VX%2FEjKYRVn9g5pMsTj9Ks5AmbD2lI6iNNFXJw%2B4G6WO39%2BCzkjYIXLMm24xf1BqhK0fhb7F5A58gURajruaSslnLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d239b69-FRA

GET
H3 200 es.png
misto.travel/templates/images/flags/ 469 B
1 KB 105ms
88ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/es.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 469
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-1d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIw2zT3W6Ch3CT5uEunB3ZW5WepMWCtc5HjvhhMQHP4kDQNzF%2FBT7vdWQxIiGOUzPgigM0KnZBisJouKJT3hyXXrB9HV2oOdx73iU1GO%2B4qy1uTsYwVIJvW5mbDJu4dT%2Bhu5%2BJBSzCzOSNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d229b69-FRA

GET
H3 200 hr.png
misto.travel/templates/images/flags/ 524 B
1 KB 127ms
111ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/hr.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d87ecdeef29042f05b26ad81fbfece47292270eb0cfb10ab132f18c3ce98cd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 524
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-20c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYJ3zvxRiDLNu7CBXeEoGICGBYe5WzGP8VoUwVb6Y2dy5Z4f72TJ3kaBjimgfcIIcG69PDNtvn4ZvIP6ua2SdVMj8SKdEsBJi%2FHHL0cMYKCgeb%2BQ3e7rskzMTwoVuH88fdHSe66ltDIJD2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d209b69-FRA

GET
H3 200 it.png
misto.travel/templates/images/flags/ 420 B
971 B 124ms
109ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/it.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 420
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-1a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wninDgzvHfJIAX0VBRRVeWtdDtyfRhrGCVVWJi%2B9P%2BJixyTGpdHLIM9VEFF1zdM97AwQT446mYFcVI56PLAo5DnFPbExIhxSQFBR9njcHfhHalNgQ2Fy3U%2B5AeQ%2F%2B8g1d%2F1u1T5kz%2FYeiVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d1a9b69-FRA

GET
H3 200 pt.png
misto.travel/templates/images/flags/ 554 B
1 KB 125ms
109ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/flags/pt.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba636f1cb6bfd323dac1fb079cd002b5d486ed5eff54f4c4744b81316b257e96

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 554
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-22a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWjVUJ1yz2Ed0mxNPf5fiuNvT2sk5DYrOoicvqp7fGL766KIPuPXKa1XUaOq90wREsibuGR8LZwF1I8i7TwfLKhC9NFjAKlOxEE79%2BjPk%2F7qGXnLdyHfoEOSAEaTyFsITTvAHnC%2B6pl%2Ba24%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d1b9b69-FRA

GET
H3 200 mistotravel-w.png
misto.travel/templates/images/ 17 KB
17 KB 109ms
94ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://misto.travel/templates/images/mistotravel-w.png

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

749b8311fec6d7ea512e5a9073e5d267502685c01cb0db0176d974f896a2c7a8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17123
x-xss-protection: 1; mode=block
last-modified: Fri, 06 May 2022 15:11:04 GMT
server: cloudflare
etag: "62753a88-42e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Q9BedJullgZZgrnl2cd7iy0HCE6WB4RxXbgZ1jQyZTOyuyD6L74gCHmS33Oatmq6v7dIj1orfqZoC9KyEeWaeXWXgzyFHpSDYG5R105v%2BAu%2BK3sASahMMTyZUP2MLqJu47OefGSsGf1Cao%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72a648d56d1c9b69-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 123ms
45ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=482204828&t=pageview&_s=1&dl=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&ul=en-us&de=UTF-8&dt=%E2%80%9C%D0%A5%D1%82%D0%BE%20%D0%B7%20%D0%BD%D0%B0%D1%81%20%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D%20%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D0%BD%D0%B0%2058-%D0%B9%20%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97%20%D0%B7%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C%20%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=883712494&gjid=1061605166&cid=40300359.1657760039&tid=UA-72289807-1&_gid=1396099090.1657760039&_r=1&gtm=2ou7d0&z=857199747

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://novynarnia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:53:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://novynarnia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
337 B 105ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JZB3ZJ9NR0&gtm=2oe7d0&_p=482204828&_z=ccd.v9B&cid=40300359.1657760039&ul=en-us&sr=1600x1200&_s=1&sid=1657760039&sct=1&seg=0&dl=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&dt=%E2%80%9C%D0%A5%D1%82%D0%BE%20%D0%B7%20%D0%BD%D0%B0%D1%81%20%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D%20%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D0%BD%D0%B0%2058-%D0%B9%20%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97%20%D0%B7%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C%20%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZB3ZJ9NR0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:53:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://novynarnia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 150ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=novynarnia.com&callback=_gfp_s_&client=ca-pub-8691795427544580

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8691795427544580&plah=novynarnia.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f4ce8cb17eca6c5c45666b110e1a88b4f176424985c1623bca510f2ff56d560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 151ms
47ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=novynarnia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 130ms
44ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=novynarnia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15B5 116 B
114 B 212ms
134ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8691795427544580&output=html&adk=1812271804&adf=3025194257&lmt=1657760039&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657760039153&bpp=2&bdt=423&idt=247&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7110021202915&frm=20&pv=2&ga_vid=40300359.1657760039&ga_sid=1657760039&ga_hid=482204828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C31068226%2C44768689&oid=2&pvsid=1175129764789150&tmod=1000719069&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novynarnia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 91
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 00:53:59 GMT
expires: Thu, 14 Jul 2022 00:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72289807-1&cid=40300359.1657760039&jid=883712494&gjid=1061605166&_gid=1396099090.1657760039&_u=YEBAAUAAAAAAAC~&z=58736401

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://novynarnia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Jul 2022 00:53:59 GMT
content-type: text/plain
access-control-allow-origin: https://novynarnia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98C2 93 KB
33 KB 338ms
274ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8691795427544580&output=html&h=90&slotname=8148275804&adk=1857911984&adf=2665882539&pi=t.ma~as.8148275804&w=880&lmt=1657760039&psa=0&format=880x90&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657760039155&bpp=1&bdt=425&idt=268&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7110021202915&frm=20&pv=1&ga_vid=40300359.1657760039&ga_sid=1657760039&ga_hid=482204828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=360&ady=46&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C31068226%2C44768689&oid=2&pvsid=1175129764789150&tmod=1000719069&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=40Hhzxqm5J&p=https%3A//novynarnia.com&dtd=274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8e8c5910a863b0659356566262a5a4123f8982a2a027763c31276e2eb491d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novynarnia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33614
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 00:53:59 GMT
expires: Thu, 14 Jul 2022 00:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 132ms
49ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72289807-1&cid=40300359.1657760039&jid=883712494&_u=YEBAAUAAAAAAAC~&z=1688202416

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:53:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 129ms
47ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72289807-1&cid=40300359.1657760039&jid=883712494&_u=YEBAAUAAAAAAAC~&z=1688202416

Requested by

Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:53:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fp.min.js Show response
fixidle.com/js/ 16 KB
6 KB 49ms
12ms Script
application/javascript 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/fp.min.js
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/37763/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: b3f40eab1d8e5bb29f8924aba7531048e953991a81bcb161d70e1883a511ee0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H2 200 a77111f73cee77a1ef6933220544de63.js Show response
www.gstatic.com/mysidia/ Frame 98C2 10 KB
5 KB 117ms
36ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a77111f73cee77a1ef6933220544de63.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8691795427544580&output=html&h=90&slotname=8148275804&adk=1857911984&adf=2665882539&pi=t.ma~as.8148275804&w=880&lmt=1657760039&psa=0&format=880x90&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657760039155&bpp=1&bdt=425&idt=268&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7110021202915&frm=20&pv=1&ga_vid=40300359.1657760039&ga_sid=1657760039&ga_hid=482204828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=360&ady=46&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C31068226%2C44768689&oid=2&pvsid=1175129764789150&tmod=1000719069&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=40Hhzxqm5J&p=https%3A//novynarnia.com&dtd=274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467604f1339295ef3861c54dc14e4f6cee9a7e72f207c72ef4a1499c86ac2291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 00:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4369
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 00:09:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 00:31:35 GMT

GET
H2 200 ad228488b2e9567307ebdc8a9c20376b.js Show response
www.gstatic.com/mysidia/ Frame 98C2 10 KB
4 KB 118ms
37ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ad228488b2e9567307ebdc8a9c20376b.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1175ed541da3206620523b17b435df203157471aa550e425fdc47354a6adfbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 08:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4295
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:20:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 08:32:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 98C2 8 KB
893 B 118ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 23:47:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 00:53:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 00:53:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 98C2 2 KB
983 B 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:38:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 98C2 21 KB
9 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:10:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 98C2 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:26:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98C2 138 KB
43 KB 146ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 00:53:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 98C2 17 KB
7 KB 132ms
43ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:34:35 GMT

GET
H3 200 9fbfea14cd545ec81bc54d3c558bfb70.js Show response
www.gstatic.com/mysidia/ Frame 98C2 31 KB
13 KB 117ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9fbfea14cd545ec81bc54d3c558bfb70.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 10:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13103
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:20:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 10:28:28 GMT

GET
H2 200 collector.js Show response
fixidle.com/js/ 9 KB
2 KB 12ms
12ms Script
application/javascript 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/collector.js?rtuid=5af71c908b62099984d6a137028ce916&code=news&v=1657760039828
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/37763/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 30c651c4ac925c4ff68c71ae55e4858774bac9746033155033fb759d7f5e6960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H2 200 7021.gif
ua.redtram.com/px/ 43 B
235 B 12ms
12ms Image
image/gif 159.69.174.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ua.redtram.com/px/7021.gif?referrer=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&ref2=&rtuid=5af71c908b62099984d6a137028ce916&v=1657760039828
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:53:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 25 Apr 1986 22:23:46 GMT

GET
H2 200 logo_text.svg
img.redtram.com/redtram/ 4 KB
4 KB 24ms
11ms Image
image/svg+xml 159.69.174.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.redtram.com/redtram/logo_text.svg
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 9ce61b5124c26ecd33fa1bb71f1b506610e41fbcd9f15b321af4706c6ddd42ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:53:59 GMT
last-modified: Wed, 16 Dec 2020 10:35:46 GMT
server: nginx/1.18.0
etag: "5fd9e302-e36"
content-type: image/svg+xml
cache-control: max-age=2592000, private
accept-ranges: bytes
content-length: 3638
expires: Sat, 13 Aug 2022 00:53:59 GMT

GET
H2 200 / Show response
ua.redtram.com/i/ 3 KB
2 KB 17ms
17ms Script
application/x-javascript 159.69.174.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.redtram.com/i/?i=37763&ver=2&srv=76&f=3&idn=ninq&ref2=&rtuid=5af71c908b62099984d6a137028ce916&wl=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/37763/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 1b354f678dffeb41da0297af3248187d4509a118a26441dc77f4f01d3472303c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:53:59 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/x-javascript; charset=UTF-8
x-upstream: 10.1.4.88:7403
cache-control: no-cache, must-revalidate
expires: Mon, 25 Apr 1986 22:23:46 GMT

POST
H2 200 / Show response
fixidle.com/ 61 B
153 B 42ms
13ms XHR
application/json 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/?v=16577600398500.8653379232877549
Requested by: Host: fixidle.com
URL: https://fixidle.com/js/collector.js?rtuid=5af71c908b62099984d6a137028ce916&code=news&v=1657760039828
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: c7aa2227ae6c6c214eab9c8c4be6d56e4ff0c9ce03a88a0df4926992c3c05fd9

Request headers

Referer: https://novynarnia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Jul 2022 00:53:59 GMT
server: nginx/1.18.0
content-type: application/json;

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 17508746130108710164
tpc.googlesyndication.com/simgad/ Frame 98C2 3 KB
3 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17508746130108710164?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c201289223855938eb38f0459475a0eb5c94b9e94b36695ffe4a48e31ccdb881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 21:15:01 GMT
x-content-type-options: nosniff
age: 13138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
last-modified: Thu, 16 Feb 2017 17:27:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Jul 2023 21:15:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 98C2 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCiR4J2nPYqTxH8qygAfMqZzAAZ71telq1YO6o8UEm7--0scJEAEgvsGOImCV4pCCoAegAemCi-ADyAEBqQLO6Olhzt-wPqgDAcgDywSqBKQCT9Bl3QLvGA8OMDJ-1j-4-la6rL3SCTY2tvnPhswnCJwmq3aJ3B_x4ESXoSLClEGEJITZslBT8PercftK6LEyb4viguD7Dbk8FDi7u8TMTpEtCxMdhsZU9AQagwB19TzGcPxbePxSWMYKV-GjGxgqc7viZCXColSlYh1HUlhScS1RaeiKNbJRVorjZaKr5ToB-RcE03UEr7Se3IhWAU5ashiARTHHOteZ2e18zh1XfVhnLT0EsL-bUrH_oRs4PLB698c4MmrYXSfmA0TMtqF_utmhFhkSrp92NQcomFsjdvCYfrbCFnrvrRtzONSn1ZKZjlXPoot9IS00eYqq0sc-qbTkAaCa53UqnXVBOT_MPA_bbXB92Ked-i5sFiwAhQYs8xMmXcAE99iLt0SSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH__z0H6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMXiAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTg2OTE3OTU0Mjc1NDQ1ODAYAA&sigh=1HSt_XWsJ7Q&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8691795427544580&output=html&h=90&slotname=8148275804&adk=1857911984&adf=2665882539&pi=t.ma~as.8148275804&w=880&lmt=1657760039&psa=0&format=880x90&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657760039155&bpp=1&bdt=425&idt=268&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7110021202915&frm=20&pv=1&ga_vid=40300359.1657760039&ga_sid=1657760039&ga_hid=482204828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=360&ady=46&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C31068226%2C44768689&oid=2&pvsid=1175129764789150&tmod=1000719069&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=40Hhzxqm5J&p=https%3A//novynarnia.com&dtd=274
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Jul 2022 00:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Jul 2022 00:53:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7C49 143 B
163 B 42ms
41ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8691795427544580&output=html&h=90&slotname=8148275804&adk=1857911984&adf=2665882539&pi=t.ma~as.8148275804&w=880&lmt=1657760039&psa=0&format=880x90&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657760039155&bpp=1&bdt=425&idt=268&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7110021202915&frm=20&pv=1&ga_vid=40300359.1657760039&ga_sid=1657760039&ga_hid=482204828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=360&ady=46&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C31068226%2C44768689&oid=2&pvsid=1175129764789150&tmod=1000719069&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=40Hhzxqm5J&p=https%3A//novynarnia.com&dtd=274
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 00:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 611756410.jpg
ua.redtram.com/img300/ 26 KB
26 KB 12ms
11ms Image
image/jpeg 159.69.174.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ua.redtram.com/img300/611756410.jpg?v=0
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 1035ae27faa7ca7f416eb70abfcd891c60f94575d7f8b899dd43f794ba614709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-server-rt: img03
date: Thu, 14 Jul 2022 00:53:59 GMT
last-modified: Sat, 02 Jul 2022 10:25:04 GMT
server: nginx/1.18.0
etag: "62c01d00-67a8"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 26536
expires: Thu, 21 Jul 2022 00:53:59 GMT

GET
H2 200 611780505.jpg
ua.redtram.com/img300/ 15 KB
16 KB 23ms
22ms Image
image/jpeg 159.69.174.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ua.redtram.com/img300/611780505.jpg?v=1657001045
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: eeb986a67666a48cab666c25c13137e73116c64e06e78db94cc82f29f67a0775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-server-rt: img04
date: Thu, 14 Jul 2022 00:53:59 GMT
last-modified: Tue, 05 Jul 2022 06:04:05 GMT
server: nginx/1.18.0
etag: "62c3d455-3dff"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15871
expires: Thu, 21 Jul 2022 00:53:59 GMT

GET
H2 200 611799482.jpg
ua.redtram.com/img300/ 14 KB
14 KB 34ms
33ms Image
image/jpeg 159.69.174.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ua.redtram.com/img300/611799482.jpg?v=0
Requested by: Host: novynarnia.com
URL: https://novynarnia.com/2022/02/19/vystup-prezydenta-munchen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: a2c6f26aedda2334672fdfb4c77b5dd61182cd30e6ee8bb2389144a4d16d367e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-server-rt: img04
date: Thu, 14 Jul 2022 00:53:59 GMT
last-modified: Fri, 08 Jul 2022 09:47:02 GMT
server: nginx/1.18.0
etag: "62c7fd16-3799"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 14233
expires: Thu, 21 Jul 2022 00:53:59 GMT

GET
DATA 200
OK truncated
/ Frame 98C2 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be7503deadb365257b57a9d4c8294e9b2dda2a0088da70849c0dd1bd7c5042bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7C49
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

71ms
71ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 00:54:00 GMT
expires: Thu, 14 Jul 2022 00:54:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 00:54:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 98C2 28 KB
28 KB 115ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 15426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 20:36:54 GMT

GET
H2 200 form-animations.css
static-login.sendpulse.com/apps/fc3/build/ 3 KB
946 B 9ms
8ms Stylesheet
text/css 151.139.243.27
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://static-login.sendpulse.com/apps/fc3/build/form-animations.css?1653643444289
Requested by: Host: static-login.sendpulse.com
URL: https://static-login.sendpulse.com/apps/fc3/build/default-handler.js?1536679416634
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.27 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: f8d73587f3df8baed83bdfdbd0db3ae50d56f9e4e955359dcc9f03f9d9cf87fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 07:04:38 GMT
server: nginx
etag: W/"626f8286-dbc"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-sp-pr: lpr9
cache-control: max-age=86400
accept-ranges: bytes
content-length: 682
expires: Fri, 15 Jul 2022 00:53:21 GMT

GET
H2 200 mobile-detect.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/ 37 KB
14 KB 51ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/mobile-detect.min.js

Requested by

Host: static-login.sendpulse.com
URL: https://static-login.sendpulse.com/apps/fc3/build/default-handler.js?1536679416634

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3042879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13328
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f25-9341"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcIGwgLkS1hQz8oiUXTHtmVVLIRA8C6njxL0CZ4xSb5HLZf9xgQEREu0JoSRyT9%2FNlcKoJYR1gFnIHciC%2F9C7jqA%2FUb94QL4YBSTOQauGA0EuaUXY4Z00Cc4qrwdVIFJbLft1tcJTaYbovkThjYCjeDC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72a648dbfe5c9b92-FRA
expires: Tue, 04 Jul 2023 00:54:00 GMT

GET
H2 200 form-defaults.css
static-login.sendpulse.com/apps/fc3/build/ 54 KB
22 KB 8ms
8ms Stylesheet
text/css 151.139.243.27
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://static-login.sendpulse.com/apps/fc3/build/form-defaults.css?1653643444289
Requested by: Host: static-login.sendpulse.com
URL: https://static-login.sendpulse.com/apps/fc3/build/default-handler.js?1536679416634
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.27 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a85179d4396c72862afe84a0b750f9bfc9ebbae18c530a4fb1a08a5f0b61c44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 07:04:37 GMT
server: nginx
etag: "626f8285-d78d"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-sp-pr: lpr8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 22448
expires: Fri, 15 Jul 2022 00:53:07 GMT

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame EA90
Redirect Chain

https://www.facebook.com/v10.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1721d208caafa%26domain%3Dnovynarnia.com%...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1721d208caafa%26domain%3Dnovynarnia.com%26is_ca...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1721d208caafa%26domain%3Dnovynarnia.com%26is_ca...

142 KB
33 KB

157ms
157ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=e7a5b9177ee9f0c558600e19f600bf3d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65c15002045f26c48b7ad8a1f3c50e76f1206d1ff70aa0b6965caed83dd5dd39

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 14 Jul 2022 00:54:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: JyRWP0UvavYPRtNIn9LG7rDclkTAiqShVl66smtzeYGJZZaXOsOWjcCqRFyraQRS6qqh9OTNWFOjKNR/iJEFdQ==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Thu, 14 Jul 2022 00:54:00 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1721d208caafa%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&locale=de_DE&numposts=3&sdk=joey&version=v10.0&width=550
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: HXwJycPdK8HPvBcEJf7zW+DlCXmoxivrep3qjtVxg5hhYyiapaVC7WYRdBrvO1j3+IYomtIWBooWBe6MtIwOtw==

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame F1A0
Redirect Chain

https://www.facebook.com/v10.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_c...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_c...

42 KB
13 KB

57ms
56ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=http%3A&locale=de_DE&numposts=5&sdk=joey&title=%E2%80%9C%D0%A5%D1%82%D0%BE+%D0%B7+%D0%BD%D0%B0%D1%81+%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D+%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0+%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8+%D0%BD%D0%B0+58-%D0%B9+%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9+%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97+%D0%B7+%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C+%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&version=v10.0&width=NaN&xid=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=e7a5b9177ee9f0c558600e19f600bf3d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e238a0ea46439251f907bb9694642cfe6121e90b2c218ac2e163c27f93ee2a5

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 14 Jul 2022 00:54:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: wM/Tdj8POOadtKzABmgnaL74DMaagz8Pbu/KJu8NPz1tvDTWVYpDFwaFesffP3BfDzEtMnZCAOk//JcCkyuP9A==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Thu, 14 Jul 2022 00:54:00 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=http%3A&locale=de_DE&numposts=5&sdk=joey&title=%E2%80%9C%D0%A5%D1%82%D0%BE+%D0%B7+%D0%BD%D0%B0%D1%81+%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D+%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0+%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8+%D0%BD%D0%B0+58-%D0%B9+%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9+%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97+%D0%B7+%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C+%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&version=v10.0&width=NaN&xid=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: 8oTHvN2T1uiolNJHVcMSFCy4PI7aivSSt3hmN6POrlnk232XvkEth0AQl/bSqB5ox8Dx0Pq/JyRMv8PQc0NW5Q==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 132ms
54ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c111b831f6c1a1e3739ed71a1b82378e98e8c307a2bc050abca5db4179c391ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10934
x-xss-protection: 0

GET
H3 200 _j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js Show response
pagead2.googlesyndication.com/bg/ Frame F1C5 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 14:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13754
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:16:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 123ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 00:54:00 GMT

GET
H2 200 wvZWaQbGrTr.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame F1A0 125 KB
20 KB 9ms
7ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a3184382d7418%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=http%3A&locale=de_DE&numposts=5&sdk=joey&title=%E2%80%9C%D0%A5%D1%82%D0%BE+%D0%B7+%D0%BD%D0%B0%D1%81+%D0%B1%D1%80%D0%B5%D1%88%D0%B5%3F%E2%80%9D+%D0%9F%D1%80%D0%BE%D0%BC%D0%BE%D0%B2%D0%B0+%D0%BF%D1%80%D0%B5%D0%B7%D0%B8%D0%B4%D0%B5%D0%BD%D1%82%D0%B0+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8+%D0%BD%D0%B0+58-%D0%B9+%D0%9C%D1%8E%D0%BD%D1%85%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D1%96%D0%B9+%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97+%D0%B7+%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D1%8C+%D0%B1%D0%B5%D0%B7%D0%BF%D0%B5%D0%BA%D0%B8&url=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&version=v10.0&width=NaN&xid=https%253A%252F%252Fnovynarnia.com%252F2022%252F02%252F19%252Fvystup-prezydenta-munchen%252F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4SeHpPROPfPtACyhfXFABg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20389
x-fb-rlafr: 0
x-fb-debug: Y4gM29D4CDue3RuoxP9UQ84P+zpIcmDelOCsgsk7JejRohVkTb9TsBcB58aD8XhaG27pwgEPEWrfBbVzmqi7LA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 07 Jul 2023 01:03:23 GMT

GET
H2 200 5SEHA6W-eWH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame F1A0 320 KB
86 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/5SEHA6W-eWH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da0ceb160fc37d9520919f57e27ef6cf40e2d75da080baa7ef562ca17296eea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gEl8JAzn8Ck6RNu1aP0YZw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88150
x-fb-rlafr: 0
x-fb-debug: ro+js69hWktdlzGKdrN3BQ8AM358xxh/jSAYjppRh1TfLNXAA+tw+73JA8U2OHt39Ng0PU2j+kP8YpTNSEjNBg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:43 GMT

GET
H2 200 6y34msrTeDr.js Show response
static.xx.fbcdn.net/rsrc.php/v3iN_84/yt/l/de_DE/ Frame F1A0 153 KB
43 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iN_84/yt/l/de_DE/6y34msrTeDr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b704ec59f97cfc7ea92c4a77d0257bf73cbfc020166969b996d9f784eb04ed1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Je2lbNctXMZdpc0HOoVk0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43349
x-fb-rlafr: 0
x-fb-debug: WWyFBT97W5NDzuuu4CqxQQLNAO7vk3HfQO6WaqjNEAESRNXO5jWr0u/+23ueB7SCzGM9vuofq3euYnw10v2tNQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Jul 2023 22:27:14 GMT

GET
H2 200 kGvrBSvrRfA.js Show response
static.xx.fbcdn.net/rsrc.php/v3iVab4/yb/l/de_DE/ Frame F1A0 42 KB
13 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iVab4/yb/l/de_DE/kGvrBSvrRfA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3fea90774c3705eb0c479157417dcac4972cf310e89414709493bdb460dca96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SyVOPpTuP3yiYUn8Wkq04A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12679
x-fb-rlafr: 0
x-fb-debug: V39t3LoH7WVEX4Ndqcj59D2+Do+pBGE+Trz8VSlaMy0dJY390vgMT9tOSEevAAwoU3HkYbzcDT0g+m4aaZQ9bQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 13 Jul 2023 22:27:14 GMT

GET
H3 200 lbAKCbOhTns.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame F1A0 33 KB
10 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/lbAKCbOhTns.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/5SEHA6W-eWH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

327fabc96d44f5eaf163e0849722b761a00fa8b8079c77ccef3bc5f4577a1fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gnDv+5ZxfDdlMJoV4LsWMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10342
x-fb-rlafr: 0
x-fb-debug: j/gkDVC1Er//DhYr2MDjVdViLvS6WSY8KJJeARMK4C98aOZEov1XGivbc9Jbvd0vI3ddUnRvKSmULHHgXTqdKQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Jul 2023 18:57:50 GMT

GET
H3 200 tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame F1A0 721 B
446 B 8ms
8ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/5SEHA6W-eWH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qVSJF/6ycs/5uNocEebDvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 392
x-fb-rlafr: 0
x-fb-debug: uHHnSncLdGuDkfwLUPVkqkgReqOxPSLBPmW1ylMedRIZf8wy/vAJklX2m8zf1wcjzxBDerieS+bZl5EcgU6Fyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 06 Jul 2023 19:57:26 GMT

GET
H3 200 tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame EA90 721 B
446 B 7ms
7ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qVSJF/6ycs/5uNocEebDvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 392
x-fb-rlafr: 0
x-fb-debug: uHHnSncLdGuDkfwLUPVkqkgReqOxPSLBPmW1ylMedRIZf8wy/vAJklX2m8zf1wcjzxBDerieS+bZl5EcgU6Fyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 06 Jul 2023 19:57:26 GMT

GET
H3 200 wvZWaQbGrTr.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame EA90 125 KB
20 KB 9ms
7ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4SeHpPROPfPtACyhfXFABg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20389
x-fb-rlafr: 0
x-fb-debug: Y4gM29D4CDue3RuoxP9UQ84P+zpIcmDelOCsgsk7JejRohVkTb9TsBcB58aD8XhaG27pwgEPEWrfBbVzmqi7LA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 07 Jul 2023 01:03:23 GMT

GET
H3 200 5SEHA6W-eWH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame EA90 320 KB
86 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/5SEHA6W-eWH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da0ceb160fc37d9520919f57e27ef6cf40e2d75da080baa7ef562ca17296eea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gEl8JAzn8Ck6RNu1aP0YZw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88150
x-fb-rlafr: 0
x-fb-debug: ro+js69hWktdlzGKdrN3BQ8AM358xxh/jSAYjppRh1TfLNXAA+tw+73JA8U2OHt39Ng0PU2j+kP8YpTNSEjNBg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 13 Jul 2023 17:50:43 GMT

GET
H3 200 6y34msrTeDr.js Show response
static.xx.fbcdn.net/rsrc.php/v3iN_84/yt/l/de_DE/ Frame EA90 153 KB
42 KB 18ms
15ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iN_84/yt/l/de_DE/6y34msrTeDr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b704ec59f97cfc7ea92c4a77d0257bf73cbfc020166969b996d9f784eb04ed1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Je2lbNctXMZdpc0HOoVk0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43349
x-fb-rlafr: 0
x-fb-debug: WWyFBT97W5NDzuuu4CqxQQLNAO7vk3HfQO6WaqjNEAESRNXO5jWr0u/+23ueB7SCzGM9vuofq3euYnw10v2tNQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Jul 2023 22:27:14 GMT

GET
H3 200 lbAKCbOhTns.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame EA90 33 KB
10 KB 18ms
16ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/lbAKCbOhTns.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

327fabc96d44f5eaf163e0849722b761a00fa8b8079c77ccef3bc5f4577a1fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gnDv+5ZxfDdlMJoV4LsWMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10342
x-fb-rlafr: 0
x-fb-debug: j/gkDVC1Er//DhYr2MDjVdViLvS6WSY8KJJeARMK4C98aOZEov1XGivbc9Jbvd0vI3ddUnRvKSmULHHgXTqdKQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Jul 2023 18:57:50 GMT

GET
H3 200 4jBsh21hvl1.js Show response
static.xx.fbcdn.net/rsrc.php/v3ifvB4/ys/l/de_DE/ Frame EA90 1 MB
294 KB 19ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ifvB4/ys/l/de_DE/4jBsh21hvl1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

addfc363d893805316e9cc59b2383de1f2057000ded326567019610c3812bb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: avHoPX/hqWXY/OIoBgKUgg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 301089
x-fb-rlafr: 0
x-fb-debug: +BRzfi9irEKG4SbG7J7fLIhCc6NqopJ9+P+k44SIy4+RXgYGiUdMyk6O7xmo5ysWVi2Ttz2icbk45Q7fXWWPSg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Jul 2023 20:41:53 GMT

GET
H3 200 KM4vffuo-0L.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame EA90 2 KB
842 B 19ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/KM4vffuo-0L.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SuHjmWcicjHzSu82QnUDDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 788
x-fb-rlafr: 0
x-fb-debug: 6MJ8D9amLZewLVKmRP8gHF/8bbql6JGSsUgBEFl9gGhlRAtRUftQ1i4/7oSAsd9YAJpmUs1cz+IT5PSSxAHCUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 05 Jul 2023 17:02:46 GMT

GET
H3 200 kGvrBSvrRfA.js Show response
static.xx.fbcdn.net/rsrc.php/v3iVab4/yb/l/de_DE/ Frame EA90 42 KB
12 KB 15ms
13ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iVab4/yb/l/de_DE/kGvrBSvrRfA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3fea90774c3705eb0c479157417dcac4972cf310e89414709493bdb460dca96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SyVOPpTuP3yiYUn8Wkq04A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12679
x-fb-rlafr: 0
x-fb-debug: V39t3LoH7WVEX4Ndqcj59D2+Do+pBGE+Trz8VSlaMy0dJY390vgMT9tOSEevAAwoU3HkYbzcDT0g+m4aaZQ9bQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 13 Jul 2023 22:27:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 16DD 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novynarnia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 20:59:45 GMT
expires: Thu, 13 Jul 2023 20:59:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6BE0 783 B
534 B 49ms
49ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca57a70575a24b8b58daceee544cdaf9f7d5788ee40e09df7ed853a249ed9901

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ePUciV7ybqCCsY61H5iUpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novynarnia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ePUciV7ybqCCsY61H5iUpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 00:54:00 GMT
expires: Thu, 14 Jul 2022 00:54:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 16DD 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 14:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13754
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:16:03 GMT

GET
H3 200 0OfGJ6f3fum.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame EA90 311 KB
47 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/0OfGJ6f3fum.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/5SEHA6W-eWH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06a890fe452f16dbf0442c9a67ffe273771a2dd5feb4bd25a47fc5d0198ff548

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nn7ANqHPt5E5sl+NuJ7owQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 47672
x-fb-rlafr: 0
x-fb-debug: e/pV14n7+figFYwVpjcjZk1lg1VaLpI15qnCe26NatYIcB7mEvLhjyRuX00ER3VPifWognqPNZnk+lJqMLZOrQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 13 Jul 2023 17:51:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6BE0 0
0 89ms
88ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=1175129764789150&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame EA90 251 KB
251 KB 8ms
8ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: xumP4y/PlNDxVi8zazKge8Vgy80p4Z+tumwOin/HePSjKComAYnjaFqxIo2nL8gqfhCFLs2BDIsepTxtzmYbzQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 08 Jul 2023 23:32:41 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame EA90 1 KB
1 KB 8ms
8ms Image
image/jpeg 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: kSvA9t/5zXTOyRRBjaAR0Y8Exaf3XOAQkZ0W9euq7Ogo6Q/b+Lkh5hVF6xL87moqje2QtkkhrCQYL9nKj7kdHA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 08 Jul 2023 01:40:58 GMT

GET
H2 200 65722870_101121557858082_8035836398672019456_n.jpg
scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-1/ Frame EA90 1 KB
2 KB 92ms
48ms Image
image/jpeg 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-1/65722870_101121557858082_8035836398672019456_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=111&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=5fBEk5ro8HEAX-ywuH1&_nc_ht=scontent-lhr8-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8-JX-xMOQvDenSVYbq0ZE0CHof_ZULt0LsqREhMSyLuQ&oe=62F47EEA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1721d208caafa%26domain%3Dnovynarnia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnovynarnia.com%252Ff3011563040f13c%26relation%3Dparent.parent&container_width=710&height=100&href=https%3A%2F%2Fnovynarnia.com%2F2022%2F02%2F19%2Fvystup-prezydenta-munchen%2F&locale=de_DE&numposts=3&sdk=joey&version=v10.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 29de37b70fc9b8856795cfcaef15accd0e117df58ab9b0bf778aa4d680579282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum: 2705705062
date: Thu, 14 Jul 2022 00:54:00 GMT
x-fb-trip-id: 1679558926
last-modified: Sat, 29 Jun 2019 11:57:15 GMT
x-content-cdn-origin-ts: 1657760040842
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1261004001
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: X3Q4vvpFuLd8Z73S8DoQHczbnEIJHBFSRC8E6_xTtV8APNhYV9fUnCeTvPzcqgVwquz_98yiSNK5KdSTOYqGAg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4201390609
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1226

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 16DD 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BwiWrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:54:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98C2 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmrjtWMzVIuaaKbm0vT89SJ0Y9JWtL9L47Ift0hmGe7jI6VsW7ZoGkVYeTVn8VXeqLs60IICKEF19Gn0IkseJjksAvLOKJyyQ2C_108dc5EvDEbKWXWpfOQwGrhrhds42pbXpdYWSbDDKh&sai=AMfl-YRyHeecC3fn6bWBNi-TwRAU_jqlECxr5qUnCnjPjBHJcmI6hFWtiHZBsd8HUQ45NO0iZL_zWgR9QKAj&sig=Cg0ArKJSzG99KPGjRirCEAE&id=lidar2&mcvt=1000&p=0,0,90,880&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1857911984&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657760039432&rpt=846&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
83ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=1175129764789150&bg=!5eal5qLNAAaYcLjmuHA7ACkAdvg8WqO2CFkv9wUEDPLZNIOX_od4bJNPunJzo1QZ_8cAPYj9lT6UfAIAAAB2UgAAAANoAQcKAFEiDBVT0cJEORZEDEGzdgKZWf7oxM_5AvXzWeXxbsfur7JyOos1Ac4YyCzSfE5qx3EDULSWYuRhKtPomVV-awmuRQKWulhI3xwDTpyLxzVNRWyZAqHGCWTb_z_04rGcRTVdIi2AmezAXbW2AMIX0m4_inCm6yFDkHt0_SFfWhVHqhuICeZEF9b0F6pEBky08sbcAI0vVSNzy2j9mwMY-KvBzynTdOtajnqySBw_zcsa2XtXgZ_I1KRa-T_H-M9iAr8eJlvU1ReLQ_sflLHn2_M344XjFxqQPWTj57feu6MbYKXIVaWyfKy6h7DliN9A5lK807K4cVo6rgrl4ZUWtUrbU31hkGWeUZw9Nqy6FGIZKRZ6UoFBiIkWY62nDfTN5j3k8P-7iCwV38n-map1ExusWBiOx3_JQjpKWZ66VjooyH8izX_7kWWpdKeR9Q5zVJGQ_kVF7aSWWv8SxRO0iqVyN_ZG6Eheu1IfXlppnZEwk6uNbaPxH5bKZHmR8mp6BDAuhFTZLuxXidwzrh7axZii4X8JjX0JGNFQJS5v98ukIznJ8I4-CJzBM5_znWIAxPYM7oHsPImItvQSHhFg1Fc8fc88vUKwNx3VYkALBxAULyUx3zeMVacZvp1J7Dh9J2Gtfl6cNKINuN9SqJyffPbsWzKiA_KKXZuupZA7T90l8Mp6Zcocj1iMPnjcedVt7kPMT_DevrpZNLmexvumNn1njK2RtSddPOYE7LAkK0dDpendwYskZVZLFr1jRP0MU74hmPFMyGq6gxYqjHMvgZyeDlXcgZClyPI3z9Wqp7ntCpcfPPF56b03Mrc7ZTasxnrv88bjyBIng8j7N1KXR4-62tYPtrAGM7ITRRB0dxZvxpgbEOpsc8tuu6dGPuvns8OgKZxtYdxf2JxFdbnBaV2CMiHVdayZrHoMswRcZG5X05dvUS21PxDuuHkwqciI5qhcXydG6HCsq049JQrbvmd4x1LxSppx-4ztDEaBeSkd6ZRaTgFZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novynarnia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 595e43145e7d46d43b2fd1de5b19e30eb722cdd627e90861b3ffef4ee339dff3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 534 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d593c66c999feb41ee25bc5b411c41b1d799ccedce548892209761890b5a7852

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.novynarnia.com/	1970-01-20 04:30:46	Name: _gid Value: GA1.2.1396099090.1657760039
.novynarnia.com/	1970-01-20 04:29:20	Name: _gat_gtag_UA_72289807_1 Value: 1
.novynarnia.com/	1970-01-20 22:00:32	Name: _ga_JZB3ZJ9NR0 Value: GS1.1.1657760039.1.0.1657760039.0
.novynarnia.com/	1970-01-20 22:00:32	Name: _ga Value: GA1.1.40300359.1657760039
.novynarnia.com/	1970-01-20 13:50:56	Name: __gads Value: ID=809a0f6fa83a2f8e-22e454d5cccd00d9:T=1657760039:RT=1657760039:S=ALNI_MaBoOx2184C7SJH1Uj014bFbtw54w
.ua.redtram.com/	1970-01-20 04:29:45	Name: rt_page Value: 5
.doubleclick.net/	1970-01-20 13:50:56	Name: IDE Value: AHWqTUnhTVOqNX24ehTzVGZO8SbRoILXqUjval-UE7QleGx93WRRM2-f4SNwipMJATY
.doubleclick.net/	1970-01-20 04:29:23	Name: DSID Value: NO_DATA
novynarnia.com/	1970-01-20 04:30:46	Name: pvc_visits[0] Value: 1657846439b315016

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
connect.facebook.net
fixidle.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.redtram.com
misto.travel
novynarnia.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
scontent-lhr8-1.xx.fbcdn.net
static-login.sendpulse.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
ua.redtram.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
141.193.213.20
151.139.243.27
159.69.174.229
159.69.174.59
2001:4860:4802:32::36
2606:4700::6811:180e
2a00:1450:4001:806::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::3
005413e4f940495494f4b983e23756a0e1aab2e5786d5f5b5b0a6d7147bcd184
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0505a427d2ac12ddd8c1ce970f3312b465bcf3d45b1aba001ca5c55be5618333
06a890fe452f16dbf0442c9a67ffe273771a2dd5feb4bd25a47fc5d0198ff548
09dfb4d2c31afd554660d1c993c3dc6668338b5703e9e28a0033d8389cebcb69
0a3d060b79d7840d1dbe3377a8ca221dad33dd0c30313449b7794525351611cc
0a85179d4396c72862afe84a0b750f9bfc9ebbae18c530a4fb1a08a5f0b61c44
0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1
1035ae27faa7ca7f416eb70abfcd891c60f94575d7f8b899dd43f794ba614709
1617d7ebe0d8360c2d0e962768217b56de1210a1b71da84bf5916c6dac3dabc1
1799f4d95d568d484ce084688ff988ea68b2a9b60ca576a84f357ae8f24cb34a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b354f678dffeb41da0297af3248187d4509a118a26441dc77f4f01d3472303c
1d849575b64715164eea3cfcbd8a802456474ccac7752dfad813830289b83f20
226c051f6ac874100e2f8b3ab8a25f54ea9e24811549fb283f92754fe34eae40
292d592f7fa1df2fa653ecc1e03d5eb2ae68277c6df264f762aefb8218e23454
29de37b70fc9b8856795cfcaef15accd0e117df58ab9b0bf778aa4d680579282
3081af04bbaf03a33b15a177af37f0e46ffdc09469bdd3200795f52626a6d693
30c651c4ac925c4ff68c71ae55e4858774bac9746033155033fb759d7f5e6960
327fabc96d44f5eaf163e0849722b761a00fa8b8079c77ccef3bc5f4577a1fd1
32a9e55359d72ced7b4a934c2cf438f4120c5b8956ed57a04b305d1ac69bb5d0
33cd68c65979017f1aa284e5f84677460493f695b7dbf1164710fca262cd6ce9
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3f4ce8cb17eca6c5c45666b110e1a88b4f176424985c1623bca510f2ff56d560
3f7278c0c4272b6ff65293c18cdbb7e2e272f59dabe16619c22051d319ef44e0
3fea90774c3705eb0c479157417dcac4972cf310e89414709493bdb460dca96c
403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000
420d5c7ee5a3e7582b7ed91343962411712a183d42a69395c4bc1fe378699f07
44b9a39b97149959b2b52ecdf58be12fafb39a9d83f3003d16c1a2a693dbfbbb
4627acba7d2699a6e0ed65aa44db5581ae3f0df45d5fd38d5f7bfc2e385cdf8e
467604f1339295ef3861c54dc14e4f6cee9a7e72f207c72ef4a1499c86ac2291
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
5096a7113965d991bfa1bfde268f86b4a27a58f67adbdf0a2cd124edc2ff1145
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5648d2078756ae0b084312c46b02d82905cd9fb84262267cafcf9b71828ac358
595e43145e7d46d43b2fd1de5b19e30eb722cdd627e90861b3ffef4ee339dff3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
649efd3b18f3e9c03757831a8a192077b72fb32547f25d9746954c4348594aa8
65c15002045f26c48b7ad8a1f3c50e76f1206d1ff70aa0b6965caed83dd5dd39
6742619cceb7dfde60e807b23d59825185cd2f4f2f5cdcc36cf214d706c9cac1
686a984a5a1b7f770a8f446487028a504259711778820c4d3332674d65d59438
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf
700fbd987da9f43089d6700b409a4a9ff2c512e9f47ef932931ae3b981bf7b39
71dfd5ad9c96c84042407093ec44693a59ee235080c98079ce48222372214e91
749b8311fec6d7ea512e5a9073e5d267502685c01cb0db0176d974f896a2c7a8
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
7e11559d9147a5046acecaadbee2fc61ad0c68a30bca5cf08f4e6704caacde66
7e6c2794aacc6f4ece40ba67a391855b77a71a889e7bc61fa246a71792641f10
7ec350f27c692550eceb6e8f5fdfc7804df39f8f11577aa559db153f4e32512c
849c5a11991b2d99550b8590d19f6b0cefc9fe6a881f205765b21742fce78e2d
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8812a7032b1b669c7bc81e96748ba67ca7911c47700956d6e1c6109e1918d9fd
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ba3c4e09d6e395f89c88dbbe098366ca9134083506bf88004204080da5ba53a
8e238a0ea46439251f907bb9694642cfe6121e90b2c218ac2e163c27f93ee2a5
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4
9ce61b5124c26ecd33fa1bb71f1b506610e41fbcd9f15b321af4706c6ddd42ef
a0fc058eeb3781e05993b00ed0fad30fd1393ad439185bda5c8831b958e9330b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2c6f26aedda2334672fdfb4c77b5dd61182cd30e6ee8bb2389144a4d16d367e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5fb8698f9688c4f1c4a38a4fc8903509876fc645d734d5719f26ffc8d98eefd
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
ada19495a6822389761a843a7312c7f0e0ee0d3c2e4152fd454d3ab12be90fac
addfc363d893805316e9cc59b2383de1f2057000ded326567019610c3812bb8f
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b3f40eab1d8e5bb29f8924aba7531048e953991a81bcb161d70e1883a511ee0a
b4d87ecdeef29042f05b26ad81fbfece47292270eb0cfb10ab132f18c3ce98cd
b704ec59f97cfc7ea92c4a77d0257bf73cbfc020166969b996d9f784eb04ed1a
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed
ba354b3fd0191d7cc7df248f1b8b6131ca72f193c31761dd8e9db07e3b037ddc
ba636f1cb6bfd323dac1fb079cd002b5d486ed5eff54f4c4744b81316b257e96
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bcbb0a9f261b7fbda3444357742c7e55fd34aa851cbb2b8ab7fc90852d5a3f5f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdbc00de393216f6118f704088accc9ebddd220480741d5ed088c01f46f84088
be2d7b293e15a8e8ddfb557926224bbcb748ca0e0262830cdfd5faa49cb05995
be7503deadb365257b57a9d4c8294e9b2dda2a0088da70849c0dd1bd7c5042bb
c0233aa7c793c36af7714410aeba73beb3b0df799ccd34ea373364973c34cdc1
c111b831f6c1a1e3739ed71a1b82378e98e8c307a2bc050abca5db4179c391ef
c201289223855938eb38f0459475a0eb5c94b9e94b36695ffe4a48e31ccdb881
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7
c4228c09791fbfb34808fcceee10eae2753dddcb3b7f6659d59526b4ccd11d71
c4838a24ad388f934b04dbf9dba02a8bc6e9e58d0a1076477b47b5987a5c2d64
c5d185ce818cfc3cc09ca3a6098d1997d6732d8c85f2883cbb7d50e794ce7607
c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c
c7aa2227ae6c6c214eab9c8c4be6d56e4ff0c9ce03a88a0df4926992c3c05fd9
c992bcc83fec9a870d84f177e4e2c3e8b1610c5a9d2718379b24d4ad1c5e0d69
ca380312a4f8f9c286b1322316ea8c8381f5fedf7c97440fcfee1f9c4e76aab7
ca57a70575a24b8b58daceee544cdaf9f7d5788ee40e09df7ed853a249ed9901
cdf5b6f8ce205cce9f1dae0340abf9c255aa2e1af8e4232e63d4f3ccc1247f95
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d053af154679353afaf4aa8e7aada73d9b1ce2ef6a97b11ec7c9ebd5137cd1c3
d593c66c999feb41ee25bc5b411c41b1d799ccedce548892209761890b5a7852
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d8e8c5910a863b0659356566262a5a4123f8982a2a027763c31276e2eb491d75
da0ceb160fc37d9520919f57e27ef6cf40e2d75da080baa7ef562ca17296eea4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e03632e85c8f796ff8be7c261207a54dcdd582c3115d2d10fdb09818121135e0
e1df71b431c8456970ccc30796e73eb96510506e054de1421e4561ca974285a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c44b7ce8a72720e2ab8b38b8885fca36dda04daa14ae37909bbd501d853074
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
e826e8f2ee488b700ac070e029b9b5692376cb66a6803f5bc97296849d4eca67
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
ea89056d782cf1fff924d26911fcb90439586b986d1fcb3f263fc79190bc27ef
eae6afacc70427c1fbe820feb72bba66cd7526cc5c65afc2fe148c07152bae9d
eeb986a67666a48cab666c25c13137e73116c64e06e78db94cc82f29f67a0775
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1175ed541da3206620523b17b435df203157471aa550e425fdc47354a6adfbf
f1cdd2a07176f0e7efc0cfe9fc40d93072f9ecb95d8d4b6c21ee7a55eec81daa
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f5e03ddb7b036f7dfe29141a1c818bd8384a727836f62da7f7f345e8b9f56f10
f8d73587f3df8baed83bdfdbd0db3ae50d56f9e4e955359dcc9f03f9d9cf87fa
fb847daa088a8611168d1ad60aa47c8ba9597d387c0e030348d33261e60c2de1
fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8
fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

novynarnia.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

100 %HTTPS

82 %IPv6

19 Domains

27 Subdomains

23 IPs

4 Countries

2421 kBTransfer

6475 kBSize

9 Cookies

56 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

novynarnia.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

100 %
HTTPS

82 %
IPv6

19
Domains

27
Subdomains

23
IPs

4
Countries

2421 kB
Transfer

6475 kB
Size

9
Cookies

135 HTTP transactions
8 data transactions