urlscan.io logo urlscan.io
SecurityTrails logo

newmed.su Open in urlscan Pro
77.246.156.158  Public Scan

Go To Rescan Add Verdict Report
URL: http://newmed.su/
Submission Tags: su l4ing leak ru Search All
Submission: On June 20 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 27 domains to perform 107 HTTP transactions. The main IP is 77.246.156.158, located in Russian Federation and belongs to RU-JSCIOT, RU. The main domain is newmed.su.
This is the only time newmed.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 77.246.156.158 29182 (RU-JSCIOT)
3 2a00:1450:400... 15169 (GOOGLE)
3 62.76.25.27 61400 (NETRACK-AS)
17 2a00:1450:400... 15169 (GOOGLE)
1 85.192.12.169 12695 (DINET-AS)
1 85.192.12.176 12695 (DINET-AS)
1 85.192.12.170 12695 (DINET-AS)
1 62.76.25.28 61400 (NETRACK-AS)
1 92.38.252.165 12695 (DINET-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 85.192.12.173 12695 (DINET-AS)
3 9 2a02:6b8::1:119 208722 (GLOBAL_DC)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 193.106.92.202 48614 (ITSOFT-AS)
3 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 85.192.12.174 12695 (DINET-AS)
1 1 146.0.227.109 29066 (VELIANET-...)
1 193.200.65.6 6681 (GIVEME-CLOUD)
1 31.220.27.155 39572 (ADVANCEDH...)
107 24
31    77.246.156.158 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: o.shpill.example.com
newmed.su
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    62.76.25.27 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
ohgskf.com
esdykv.com
ddyipu.com
17    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
1    85.192.12.169 (Russian Federation)

ASN12695 (DINET-AS, RU)
1p3opxwwet.ru
1    85.192.12.176 (Russian Federation)

ASN12695 (DINET-AS, RU)
jin0cbonpi.ru
1    85.192.12.170 (Russian Federation)

ASN12695 (DINET-AS, RU)
knkqjmjyxzev.info
1    62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
bveyge.com
1    92.38.252.165 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)
allstat-pp.ru
4    2606:4700:3036::ac43:a434 (United States)

ASN13335 (CLOUDFLARENET, US)
newrrb.bid
1    85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)
pdayyocpnvh.ru
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
2    193.106.92.202 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
PTR: mail.proboard.ru
prodmp.ru
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
13    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)
dmpprof.com
dprof.site
1    146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
Apex Domain
Subdomains		 Transfer
31 newmed.su
newmed.su
795 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
445 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 10186
2 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
75 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
65 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 9
1 KB
4 newrrb.bid
newrrb.bid — Cisco Umbrella Rank: 307716
22 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
2 dmpprof.com
dmpprof.com — Cisco Umbrella Rank: 14756
1011 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
85 KB
2 prodmp.ru
prodmp.ru — Cisco Umbrella Rank: 50731
354 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7295
914 B
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3187
70 KB
1 dprof.site
dprof.site — Cisco Umbrella Rank: 151238
536 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3989
241 B
1 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 96008
351 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2737
497 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 861
642 B
1 pdayyocpnvh.ru
pdayyocpnvh.ru — Cisco Umbrella Rank: 120004
48 KB
1 allstat-pp.ru
allstat-pp.ru — Cisco Umbrella Rank: 364346
4 KB
1 bveyge.com
bveyge.com
19 KB
1 knkqjmjyxzev.info
knkqjmjyxzev.info
42 KB
1 jin0cbonpi.ru
jin0cbonpi.ru
46 B
1 ddyipu.com
ddyipu.com — Cisco Umbrella Rank: 749676
19 KB
1 esdykv.com
esdykv.com
19 KB
1 1p3opxwwet.ru
1p3opxwwet.ru
42 KB
1 ohgskf.com
ohgskf.com
19 KB
107 27
Domain Requested by
31 newmed.su newmed.su
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 pagead2.googlesyndication.com newmed.su
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 mc.yandex.com 2 redirects newmed.su
mc.yandex.ru
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
newmed.su
googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 newrrb.bid newmed.su
newrrb.bid
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com newmed.su
googleads.g.doubleclick.net
2 dmpprof.com pdayyocpnvh.ru
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 prodmp.ru pdayyocpnvh.ru
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 mc.yandex.ru 1 redirects newmed.su
1 dprof.site pdayyocpnvh.ru
1 s.uuidksinc.net
1 m.trafmag.com
1 inv-nets.admixer.net 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pdayyocpnvh.ru 1p3opxwwet.ru
1 allstat-pp.ru newmed.su
1 bveyge.com newmed.su
1 knkqjmjyxzev.info newmed.su
1 jin0cbonpi.ru newmed.su
1 ddyipu.com newmed.su
1 esdykv.com newmed.su
1 1p3opxwwet.ru newmed.su
1 ohgskf.com newmed.su
107 30

This site contains no links.

Subject Issuer Validity Valid
newmed.su
R3		 2022-04-20 -
2022-07-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
mwcjzvmrtv.ru
R3		 2022-06-17 -
2022-09-15		 3 months crt.sh
jin0cbonpi.ru
R3		 2022-06-12 -
2022-09-10		 3 months crt.sh
0u48ltm1ok.ru
R3		 2022-06-07 -
2022-09-05		 3 months crt.sh
allstat-pp.ru
R3		 2022-05-08 -
2022-08-06		 3 months crt.sh
pwrlkyotm.com
R3		 2022-05-19 -
2022-08-17		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
prodmp.ru
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
dmpprof.com
R3		 2022-05-22 -
2022-08-20		 3 months crt.sh
uuidksinc.net
R3		 2022-05-20 -
2022-08-18		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://newmed.su/
Frame ID: 64DF5AB8B590E0A9C799E79858384F0D
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Frame ID: E33600F1D03A1BED86DCB9FB982AFE19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7698631066832587&output=html&adk=1812271804&adf=3025194257&lmt=1655684115&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fnewmed.su%2F&ea=0&pra=5&wgl=1&dt=1655684115480&bpp=2&bdt=476&idt=78&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7528740821185&frm=20&pv=2&ga_vid=1945084976.1655684116&ga_sid=1655684116&ga_hid=1825577469&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531608&oid=2&pvsid=1574716202718920&tmod=1732110553&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=93
Frame ID: 0F35E15459181B7242F5D714E74659E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Frame ID: B434A3F0A0D39E0C9F6B049292AAB107
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Frame ID: D7447104AA6395D1D34E959A35108F1C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 01D54F3AC9D9B56DCA7F91FBA915B153
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 19B3D79F304A776C65133B1065B6E62E
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 639023851F78723D47E022CC27C2FB90
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: FB33D587B9C83BF7CD6D289BEDEB422E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A58B91F274F48097287AB49097452F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2CBC40ACCB5179D442ABD69B2C10E55
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NewMed.su - все для мамы и малыша

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

107
Requests

85 %
HTTPS

42 %
IPv6

27
Domains

30
Subdomains

24
IPs

5
Countries

1779 kB
Transfer

3383 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • http://newmed.su/wp-content/uploads/2019/11/logo2.png HTTP 307
  • https://newmed.su/wp-content/uploads/2019/11/logo2.png
Request Chain 59
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9674.FO85mDdblbjH6CJBgRK01x0SFOBorNLgtg5JDfV8-Edh1xUarIRNhTUd-MtggyTT.TGlA-zKh37eAgX6CINFSZdMU4ns%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9674.9yWGsazEFNnt1c_F_bv7rQvkAxhAswpBAmkXfyXaaGdAHmn4kyqdErQ7SOHNfR9R26PffsjzOkUvZatdpMY4dg%2C%2C.IrcGe9uCNfpLsJwLBAXQCJu20g4%2C
Request Chain 61
  • https://mc.yandex.com/watch/56153788?wmode=7&page-url=http%3A%2F%2Fnewmed.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A935%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A159801218684%3Ahid%3A1039403414%3Az%3A0%3Ai%3A20220620001515%3Aet%3A1655684116%3Ac%3A1%3Arn%3A457393217%3Arqn%3A1%3Au%3A1655684116333714539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1655684114481%3Ads%3A389%2C48%2C80%2C48%2C0%2C0%2C%2C570%2C0%2C%2C%2C%2C1136%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655684116%3At%3ANewMed.su%20-%20%D0%B2%D1%81%D0%B5%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%D1%8B%20%D0%B8%20%D0%BC%D0%B0%D0%BB%D1%8B%D1%88%D0%B0&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/56153788/1?wmode=7&page-url=http%3A%2F%2Fnewmed.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A935%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A159801218684%3Ahid%3A1039403414%3Az%3A0%3Ai%3A20220620001515%3Aet%3A1655684116%3Ac%3A1%3Arn%3A457393217%3Arqn%3A1%3Au%3A1655684116333714539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1655684114481%3Ads%3A389%2C48%2C80%2C48%2C0%2C0%2C%2C570%2C0%2C%2C%2C%2C1136%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655684116%3At%3ANewMed.su%20-%20%D0%B2%D1%81%D0%B5%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%D1%8B%20%D0%B8%20%D0%BC%D0%B0%D0%BB%D1%8B%D1%88%D0%B0&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 99
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=489ca399-6e73-4396-8e57-a46437ece00a HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=007ad716241b49ebb5385b7055386dfc

107 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newmed.su/ 		71 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://newmed.su/
Protocol
HTTP/1.1
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
08bf1239cd5d3f3b55855bec2f90cdc1c46b848e10d4f8546d492b359f64c97f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Jun 2022 00:15:14 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
WPO-Cache-Status
cached
style.min.css
newmed.su/wp-includes/css/dist/block-library/ 		50 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Tue, 23 Feb 2021 01:07:37 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60345559-c88a"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51338
autors-style.css
newmed.su/wp-content/plugins/autors-by-webnavoz/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/autors-by-webnavoz/css/autors-style.css?1_602
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e4cd00b0c739429843de5055d3574fa4a52b60788dfe7e8f2e635a2f293d069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:02:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94bb-2065"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8293
styles.css
newmed.su/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Mon, 05 Jul 2021 05:01:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60e2922f-a50"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2640
vote2x-style.css
newmed.su/wp-content/plugins/vote2x/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/vote2x/vote2x-style.css?1_2_2
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dee92009ae98358c0623d4f4f01cfc3318825931f1903e987e76e366838bc9b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:02:52 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94bc-c61"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3169
postratings-css.css
newmed.su/wp-content/plugins/wp-postratings/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/wp-postratings/css/postratings-css.css
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 15:29:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600aef48-549"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1353
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4088c4396769f8eda76e6f28917417d031b5d62da99e90135de61cefa16dfafa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 23:46:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 20 Jun 2022 00:15:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Jun 2022 00:15:15 GMT
style.min.css
newmed.su/wp-content/themes/root/css/ 		156 KB
156 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/themes/root/css/style.min.css
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
380c82f7c5f65cc16d41c9c1deaa67cdccf8895b6cc5f11e54e2caa0b53625b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 20 Aug 2021 14:59:56 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"611fc36c-26fd6"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
159702
jquery.fancybox.min.css
newmed.su/wp-content/plugins/easy-fancybox/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:02:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94bb-fda"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4058
jquery.min.js
newmed.su/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-includes/js/jquery/jquery.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 15:25:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600aee6f-15d98"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89496
jquery-migrate.min.js
newmed.su/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 15:25:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600aee6f-2bd8"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
ykp5s.php
ohgskf.com/v101l7192lvip0m/0y3/hq8/678uvq786/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ohgskf.com/v101l7192lvip0m/0y3/hq8/678uvq786/ykp5s.php
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 11:09:48 GMT
Server
nginx/1.14.2
ETag
"628f5ffc-4aeb"
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
19179
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1218b6a9fc669575b430a6146d6457885b1927ff49994b0e8d1232eef55860d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51389
x-xss-protection
0
server
cafe
etag
756204420281405901
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Jun 2022 00:15:15 GMT
script.js
1p3opxwwet.ru/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1p3opxwwet.ru/script.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3f8717f3516b26079c7ec8285d97f615fa1ddb49a75d1d15a9250da32a58fbe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
gzip
x-adsbid-request
uil79gcicvjl
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
server
nginx/1.18.0
kpy7v.php
esdykv.com/z891l7129vli0mpy038hq786quv687/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://esdykv.com/z891l7129vli0mpy038hq786quv687/kpy7v.php
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 11:09:48 GMT
Server
nginx/1.14.2
ETag
"628f5ffc-4aeb"
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
19179
786kyp9tr.php
ddyipu.com/r6ql17192vlip0my038hq687uqv/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ddyipu.com/r6ql17192vlip0my038hq687uqv/786kyp9tr.php
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Server
62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 11:09:48 GMT
Server
nginx/1.14.2
ETag
"628f5ffc-4aeb"
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
19179
suggest.js
jin0cbonpi.ru/ 		0
46 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jin0cbonpi.ru/suggest.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.176 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
server
nginx/1.16.1
script.js
knkqjmjyxzev.info/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://knkqjmjyxzev.info/script.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5a7d5c45c249a55ad504367550f267e67efa11725473449edeb102f3196f7fae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
gzip
x-adsbid-request
fhvdnv2rh4jv
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
server
nginx/1.18.0
vqu768kypc01r
bveyge.com/mn9l17912/ilvpm003y/oln/786/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bveyge.com/mn9l17912/ilvpm003y/oln/786/vqu768kypc01r
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 11:09:48 GMT
Server
nginx/1.14.2
ETag
"628f5ffc-4aeb"
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
19179
6c025f922bb3655652f94c0cbdc9f4afae3bb312.js
allstat-pp.ru/40/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allstat-pp.ru/40/6c025f922bb3655652f94c0cbdc9f4afae3bb312.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
92.38.252.165 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d5c4c719bbe7e725cacca1f8b9ef0e087fa6b4f97d15cac3992b60f6be9bedd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 13:05:08 GMT
server
nginx/1.16.1
etag
W/"62879204-38ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1hlmd.min.js
newrrb.bid/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://newrrb.bid/1hlmd.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Duration
518317
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Strict-Transport-Security
max-age=63072000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Mon, 20 Jun 2022 00:15:15 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3fsp7T3UrZ7N1UX6OQtdA0VREdQtdw4FgecD%2B2IvILwDA%2F%2FhnQQIZg%2B3YcBd%2B%2FXLoXcEtqsmSm0nqG%2Fvulk3cB0pyvNmqer8sL3wtZdJPczspAmjh0gRinnEMzR4xzThHpyGhtHq0zW"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
CF-RAY
71e04f19d83759a1-MXP
Access-Control-Allow-Headers
*
Expires
Mon, 20-Jun-2022 03:20:15 EEST
logo2.png
newmed.su/wp-content/uploads/2019/11/
Redirect Chain
  • http://newmed.su/wp-content/uploads/2019/11/logo2.png
  • https://newmed.su/wp-content/uploads/2019/11/logo2.png
30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newmed.su/wp-content/uploads/2019/11/logo2.png
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4c2340290b01501d8be54936b909a4f632b4850f678556d8de7107aee18b81a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:03:03 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94c7-78eb"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30955

Redirect headers

Location
https://newmed.su/wp-content/uploads/2019/11/logo2.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
scripts-autors.js
newmed.su/wp-content/plugins/autors-by-webnavoz/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/autors-by-webnavoz/js/scripts-autors.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
60b4eabeef1684e972476bf2101718583f7c8f69197628409edde64f9dbe95ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:02:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94bb-4e9"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1257
wp-polyfill.min.js
newmed.su/wp-includes/js/dist/vendor/ 		97 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 15:25:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600aee6f-183ee"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99310
index.js
newmed.su/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Mon, 05 Jul 2021 05:01:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60e2922f-34ad"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13485
front.min.js
newmed.su/wp-content/plugins/table-of-contents-plus/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Mon, 05 Jul 2021 05:01:52 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60e29240-17cb"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6091
vote2x.js
newmed.su/wp-content/plugins/vote2x/ 		519 B
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/vote2x/vote2x.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
300800dddd60d24b6ad5fa115c8a0e3bbd05b7816637cb84e6bfa220d63d86d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:02:52 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94bc-207"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
519
postratings-js.js
newmed.su/wp-content/plugins/wp-postratings/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/wp-postratings/js/postratings-js.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 15:29:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600aef48-d01"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3329
swiper.min.js
newmed.su/wp-content/themes/root/js/ 		122 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/themes/root/js/swiper.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7481ca08ab9f3cba9123f51023007c2132b1b31c09009c0a9dca77c1c2c98631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 20 Aug 2021 14:59:56 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"611fc36c-1e727"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
124711
lightbox.js
newmed.su/wp-content/themes/root/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/themes/root/js/lightbox.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a1e5f133bda3e06c7120cd15b93f918e47e43b57838d22dbb2f84fba0dc37d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 20 Aug 2021 14:59:56 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"611fc36c-bd2"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3026
scripts.min.js
newmed.su/wp-content/themes/root/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/themes/root/js/scripts.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9ab327a1b2500b2d50c3567e7b4acd32e9521404f30bad79ec5a7ca83aaf8238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 20 Aug 2021 14:59:56 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"611fc36c-1d5c"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7516
frontend.min.js
newmed.su/wp-content/plugins/q2w3-fixed-widget/js/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5d727db9ea126c70ff3a6f3fb73d6bb23f47e40961c4acbd010fe7c549fe0d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Wed, 23 Mar 2022 03:09:54 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"623a8f82-43c3"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17347
jquery.fancybox.min.js
newmed.su/wp-content/plugins/easy-fancybox/js/ 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:02:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94bb-4d4f"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19791
jquery.easing.min.js
newmed.su/wp-content/plugins/easy-fancybox/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:02:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94bb-8fe"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2302
jquery.mousewheel.min.js
newmed.su/wp-content/plugins/easy-fancybox/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newmed.su/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:02:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94bb-a31"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2609
b286ae57.js
pdayyocpnvh.ru/pixels/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdayyocpnvh.ru/pixels/b286ae57.js
Requested by
Host: 1p3opxwwet.ru
URL: https://1p3opxwwet.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1e508a9583f7eed5aaf6ab887e2a95f01855809251830231b765a3d59e43d96c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
cache-control
no-store
last-modified
Fri, 25 Mar 2022 06:57:36 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
tag.js
mc.yandex.ru/metrika/ 		203 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
70cd5366e26d943884b899bbb472b0b4660928d04c457fb45045339312fb5e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
br
last-modified
Fri, 17 Jun 2022 12:16:07 GMT
etag
"62ac4657-11654"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71252
expires
Mon, 20 Jun 2022 01:15:15 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://newmed.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 18:17:14 GMT
x-content-type-options
nosniff
age
539881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 18:17:14 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://newmed.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 19:36:30 GMT
x-content-type-options
nosniff
age
535125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 19:36:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://newmed.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
536840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 19:07:55 GMT
fontawesome-webfont.woff2
newmed.su/wp-content/themes/root/fonts/ 		0
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://newmed.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
487773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:45:42 GMT
Snimok-ekrana-2021-11-22-v-1.56.12-330x140.png
newmed.su/wp-content/uploads/2021/11/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newmed.su/wp-content/uploads/2021/11/Snimok-ekrana-2021-11-22-v-1.56.12-330x140.png
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fc41e1a0b261df497931157a74047db3e99aa20865d24fdcb5450b3bf02a2135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Sun, 21 Nov 2021 23:01:56 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"619acfe4-5adc"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23260
Snimok-ekrana-2021-10-08-v-14.48.28-330x140.png
newmed.su/wp-content/uploads/2021/10/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newmed.su/wp-content/uploads/2021/10/Snimok-ekrana-2021-10-08-v-14.48.28-330x140.png
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c83800cecd9f6b66d3bcb66c1ff655d2ad471593663302962cfe690d1891c55b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 08 Oct 2021 11:53:59 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61603157-769f"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30367
Snimok-ekrana-2021-07-28-v-01.00.32-184x300.png
newmed.su/wp-content/uploads/2021/07/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newmed.su/wp-content/uploads/2021/07/Snimok-ekrana-2021-07-28-v-01.00.32-184x300.png
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2aa5f2a6fbbfcff9c183dc7127a61dccfc7a45f0adcb2db83c705ec52010a747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Tue, 27 Jul 2021 22:06:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61008376-75a1"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30113
prikolnye-kartinki-pro-manikyur-i-nogti-10-300x200.jpeg
newmed.su/wp-content/uploads/2021/07/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newmed.su/wp-content/uploads/2021/07/prikolnye-kartinki-pro-manikyur-i-nogti-10-300x200.jpeg
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
90d77a254eccf68a9d5663dc0a842fab7c7a0050b6c97eabf58bcdab4a693167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Tue, 06 Jul 2021 15:38:29 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60e478f5-2f34"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12084
Bs39Nxphg_I-300x225.jpeg
newmed.su/wp-content/uploads/2021/07/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newmed.su/wp-content/uploads/2021/07/Bs39Nxphg_I-300x225.jpeg
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b09f6e0f73e931af8bafe9e4bacea1fd93a7ef96c6e878ff02cd74d1675d97d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Sat, 03 Jul 2021 10:22:59 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60e03a83-5219"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21017
pic-trampolskaya-anita-vasilevna-150x150.jpg
newmed.su/wp-content/uploads/2019/11/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newmed.su/wp-content/uploads/2019/11/pic-trampolskaya-anita-vasilevna-150x150.jpg
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c872bc431f22ca32cf2df1d43efc5092f00d2e3c151906ba262ff56fc4e9d3ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 09:03:03 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600a94c7-121f"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4639
rating_over.gif
newmed.su/wp-content/plugins/wp-postratings/images/stars_crystal/ 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newmed.su/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
77.246.156.158 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
o.shpill.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Last-Modified
Fri, 22 Jan 2021 15:29:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"600aef48-3f1"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1009
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61ada9b83597e2e32fbd97bcae60e076ec160c1151e58bc18ff6473c2c1a5141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122727
x-xss-protection
0
server
cafe
etag
7626487649187286506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Jun 2022 00:15:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/ Frame E336 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://newmed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 18:51:32 GMT
etag
8616628553774171045
expires
Sun, 03 Jul 2022 18:51:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		213 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newmed.su&callback=_gfp_s_&client=ca-pub-7698631066832587
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c8073b264978f2ae496e7eabc33553474a088f0fedeb214a8513ee97564f1149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newmed.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newmed.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Jun 2022 00:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0F35 		241 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7698631066832587&output=html&adk=1812271804&adf=3025194257&lmt=1655684115&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fnewmed.su%2F&ea=0&pra=5&wgl=1&dt=1655684115480&bpp=2&bdt=476&idt=78&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7528740821185&frm=20&pv=2&ga_vid=1945084976.1655684116&ga_sid=1655684116&ga_hid=1825577469&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531608&oid=2&pvsid=1574716202718920&tmod=1732110553&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28b7cbb5b98a227c8ab6a4599ddb4296d1216894a7b5a2ec43314445dc1a3dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://newmed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
62869
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Jun 2022 00:15:16 GMT
expires
Mon, 20 Jun 2022 00:15:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fontawesome-webfont.woff
newmed.su/wp-content/themes/root/fonts/ 		0
0
1hlmd.json
newrrb.bid/ 		59 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://newrrb.bid/1hlmd.json
Requested by
Host: newrrb.bid
URL: http://newrrb.bid/1hlmd.min.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02cf16fa6dc2aa0e9e212dcc5bb6df7395ba14b0556a183a7b4fa6f7165f01ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://newmed.su/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAADOlrHAy28D6B08TY2ZbGVgi1VrrE6oNJ30esiSwcUn7FngL2Ka9gj%2FYBLdaEPeTr5B52F9riuRU8IrAj8dHsN%2FRst3EO5Qs%2FIS7jzqOMguxQ9I3c%2FK2Ynj7SIZ2%2B9s9OPEc15yjXh"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
71e04f1aeeb35995-MXP
Access-Control-Allow-Headers
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pclicks.js
prodmp.ru/ 		0
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks.js
Requested by
Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
mail.proboard.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/javascript
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
1hlmd.json
newrrb.bid/ 		59 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://newrrb.bid/1hlmd.json
Requested by
Host: newrrb.bid
URL: http://newrrb.bid/1hlmd.min.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7cf13ab9acdd3713c25cd47c316343e4c529aa6c2edd5a516a64b1232756d43
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://newmed.su/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Jun 2022 00:15:15 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsWVJBkusXLMS66wn5Pr%2FnBJdYuKbtZPTVOaL2isapZbn70Tq0FvaYD3cyv336TTAhTV8wTtx1Z11%2BZaHn3%2Fj%2Fz0H8R0Epm5G%2BgzPNelzqRytfhEiGtTm7FFtTX8KLQj%2B1Rz4eEHwPwg"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
71e04f1bcfc25995-MXP
Access-Control-Allow-Headers
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fontawesome-webfont.ttf
newmed.su/wp-content/themes/root/fonts/ 		0
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9674.FO85mDdblbjH6CJBgRK01x0SFOBorNLgtg5JDfV8-Edh1xUarIRNhTUd-MtggyTT.TGlA-zKh37eAgX6CINFSZdMU4ns%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9674.9yWGsazEFNnt1c_F_bv7rQvkAxhAswpBAmkXfyXaaGdAHmn4kyqdErQ7SOHNfR9R26PffsjzOkUvZatdpMY4dg%2C%2C.IrcGe9uCNfpLsJwLBAXQCJu20g4%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9674.9yWGsazEFNnt1c_F_bv7rQvkAxhAswpBAmkXfyXaaGdAHmn4kyqdErQ7SOHNfR9R26PffsjzOkUvZatdpMY4dg%2C%2C.IrcGe9uCNfpLsJwLBAXQCJu20g4%2C
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9674.9yWGsazEFNnt1c_F_bv7rQvkAxhAswpBAmkXfyXaaGdAHmn4kyqdErQ7SOHNfR9R26PffsjzOkUvZatdpMY4dg%2C%2C.IrcGe9uCNfpLsJwLBAXQCJu20g4%2C
date
Mon, 20 Jun 2022 00:15:15 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:15 GMT
last-modified
Fri, 17 Jun 2022 12:16:07 GMT
etag
"62ac4657-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 20 Jun 2022 01:15:15 GMT
1
mc.yandex.com/watch/56153788/
Redirect Chain
  • https://mc.yandex.com/watch/56153788?wmode=7&page-url=http%3A%2F%2Fnewmed.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A935%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
  • https://mc.yandex.com/watch/56153788/1?wmode=7&page-url=http%3A%2F%2Fnewmed.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A935%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
357 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/56153788/1?wmode=7&page-url=http%3A%2F%2Fnewmed.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A935%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A159801218684%3Ahid%3A1039403414%3Az%3A0%3Ai%3A20220620001515%3Aet%3A1655684116%3Ac%3A1%3Arn%3A457393217%3Arqn%3A1%3Au%3A1655684116333714539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1655684114481%3Ads%3A389%2C48%2C80%2C48%2C0%2C0%2C%2C570%2C0%2C%2C%2C%2C1136%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655684116%3At%3ANewMed.su%20-%20%D0%B2%D1%81%D0%B5%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%D1%8B%20%D0%B8%20%D0%BC%D0%B0%D0%BB%D1%8B%D1%88%D0%B0&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8932b8c403683ed70dbd19bb944d3b32f111bd824483ec143c1ff785fac92af8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 00:15:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 20-Jun-2022 00:15:16 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://newmed.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
357
x-xss-protection
1; mode=block
expires
Mon, 20-Jun-2022 00:15:16 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Jun 2022 00:15:16 GMT
last-modified
Mon, 20-Jun-2022 00:15:16 GMT
location
/watch/56153788/1?wmode=7&page-url=http%3A%2F%2Fnewmed.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A935%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A159801218684%3Ahid%3A1039403414%3Az%3A0%3Ai%3A20220620001515%3Aet%3A1655684116%3Ac%3A1%3Arn%3A457393217%3Arqn%3A1%3Au%3A1655684116333714539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1655684114481%3Ads%3A389%2C48%2C80%2C48%2C0%2C0%2C%2C570%2C0%2C%2C%2C%2C1136%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655684116%3At%3ANewMed.su%20-%20%D0%B2%D1%81%D0%B5%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%D1%8B%20%D0%B8%20%D0%BC%D0%B0%D0%BB%D1%8B%D1%88%D0%B0&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
http://newmed.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 20-Jun-2022 00:15:16 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8673987f2f638a5e83b8e0087c779a3cd6e04dda08df201df62ffb4882c2b9dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54401
x-xss-protection
0
server
cafe
etag
306280377751209292
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Jun 2022 00:15:16 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newmed.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Jun 2022 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newmed.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Jun 2022 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/ Frame B434 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://newmed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 08:30:08 GMT
etag
8616628553774171045
expires
Sun, 03 Jul 2022 08:30:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/ Frame D744 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://newmed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 08:30:08 GMT
etag
8616628553774171045
expires
Sun, 03 Jul 2022 08:30:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame B434 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 22:37:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 20 Jun 2022 00:15:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Jun 2022 00:15:16 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B434 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:08:29 GMT
x-content-type-options
nosniff
age
407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 20 Jun 2023 00:08:29 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B434 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 23:02:28 GMT
x-content-type-options
nosniff
age
4368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Jun 2023 23:02:28 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame B434 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
180f72b1a462888e9c99697f73b7b547588d82d1d06ed4e06ad1d517a3d6ed90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 23:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8237
x-xss-protection
0
server
cafe
etag
879581559784644231
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Jul 2022 23:15:03 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D744 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXqCnE7yvYq6eJO24x_AP2Y6ScKPyqK9qhL3z6tIP2tkeEAEgns7dfWCV4pCCoAegAfrZmqcByAECqQK0_DtWVPpuPqgDAcgDyQSqBNwBT9DmpVELj-IWMcKX7qmIR46nyRpj0QFo81SXr0mr7SdFi6yuXIrs--_z0OmdalOO9ErROGiDiJIjyesLC_bOnbwWjruDZwD1hMwRNMcrgPV56vT2OoVsFvynX1XDqK8A9l8sE_d9v58S6gvxxygzEOMwpTn-hCtJnpyvEM9wqVDdid-7mYVME0Rr3dlsjWZV5mwxSo26tIPEHQog6I3zPvrgnFpcNJnTA9zDeLsU308hb9jg9VmSkVH2UqujAYVoFXZSYabTCBJ0uBDNsXTAx8sA4DA51SaxL48RVcAEmJDNuv0DkgUECAQYAZIFBAgFGASgBgKAB-6l5dgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQzq0T0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTc2OTg2MzEwNjY4MzI1ODcYAA&sigh=kKeDZ5r7cX0&uach_m=[UACH]
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 20 Jun 2022 00:15:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 20 Jun 2022 00:15:16 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame D744 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 00:11:59 GMT
6180807232349671409
tpc.googlesyndication.com/daca_images/simgad/ Frame D744 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6180807232349671409
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b50a28f3f1f8898552f68b8f271ad72f3289c6d8410988c78ba8917327a867a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 04:57:14 GMT
x-content-type-options
nosniff
age
328682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103432
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 15:58:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Jun 2023 04:57:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame D744 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 00:05:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D744 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Jun 2022 00:15:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame D744 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 23:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1007
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Jul 2022 23:58:29 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame D744 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 19:47:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12864
x-xss-protection
0
server
cafe
etag
4287797001720200766
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Jul 2022 19:47:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 01D5 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
416
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 20 Jun 2022 00:08:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 19B3 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Jun 2022 00:11:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 20 Jun 2022 00:15:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Jun 2022 00:15:16 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 19B3 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 23:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Jul 2022 23:40:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 19B3 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 00:11:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 19B3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 00:05:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19B3 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Jun 2022 00:15:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 19B3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 23:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1007
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Jul 2022 23:58:29 GMT
6609dd9ea225b203b979e97d717528a7.js
www.gstatic.com/mysidia/ Frame 19B3 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 07:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 02:25:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 15 Sep 2022 07:25:10 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 01D5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 20 Jun 2022 00:15:16 GMT
expires
Mon, 20 Jun 2022 00:15:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 20 Jun 2022 00:15:16 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 6390 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: newmed.su
URL: http://newmed.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 18:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Jun 2023 18:38:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cf06aa9750de99e60e27c9e8c10820e65cc00d549d2a754eae94b117fd6b72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Jun 2022 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10650
x-xss-protection
0
1hlmd.json
newrrb.bid/ 		59 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://newrrb.bid/1hlmd.json
Requested by
Host: newrrb.bid
URL: http://newrrb.bid/1hlmd.min.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b78d11aec517980fc5d2d862be2cff7f33fe664dcc3195c78933620665ff520
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://newmed.su/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Jun 2022 00:15:16 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJ9m7ZjfR6soP6Kl06octAwNk9RiqSiXqr30tPYgClLGNIC7dqTSNuZ25GjHxsJ9PQeg6JzgoZMC0rcaPT8LZgZzEulSJiOcobcRu0jV%2BPojHwfNF%2BEG0v%2BZy9%2FhByyzyISwbc8sX2Yy"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
71e04f204e4c5995-MXP
Access-Control-Allow-Headers
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame FB33 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 18:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Jun 2023 18:38:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7698631066832587&plah=newmed.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Jun 2022 00:15:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A58 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://newmed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 21:55:23 GMT
expires
Mon, 19 Jun 2023 21:55:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C2CB 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b3022c944ba7abe83f2d109c8c59307ae8eb213172e7a6236e854fd0d361e1de
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9RPw9TxRqORjrwi7xKzjSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newmed.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-9RPw9TxRqORjrwi7xKzjSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Jun 2022 00:15:16 GMT
expires
Mon, 20 Jun 2022 00:15:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 2A58 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 18:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Jun 2023 18:38:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C2CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=1574716202718920&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2A58 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?A4PFFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
internal
dmpprof.com/matching/ 		141 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=http%3A%2F%2Fnewmed.su%2F&title=NewMed.su%20-%20%D0%B2%D1%81%D0%B5%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%D1%8B%20%D0%B8%20%D0%BC%D0%B0%D0%BB%D1%8B%D1%88%D0%B0&dmp_print_id=ffbe38857410a62dc9bc348c713620d0
Requested by
Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
563e6a376dbe2765998546d4a4a91b2b412359575f0d2b46b4b0b1311ed43fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:17 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
http://newmed.su
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
141
demography
prodmp.ru/pclicks/ 		3 B
130 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newmed.su
Requested by
Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
mail.proboard.ru
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
http://newmed.su
date
Mon, 20 Jun 2022 00:15:17 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=489ca399-6e73-4396-8e57-a46437ece00a
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=007ad716241b49ebb5385b7055386dfc
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=007ad716241b49ebb5385b7055386dfc
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 00:15:17 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Mon, 20 Jun 2022 00:15:17 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=007ad716241b49ebb5385b7055386dfc
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
/
s.uuidksinc.net/match/601/ 		74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/601/?remote_uid=489ca399-6e73-4396-8e57-a46437ece00a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:17 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
enr
dmpprof.com/ 		2 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=http%3A%2F%2Fnewmed.su%2F&title=NewMed.su%20-%20%D0%B2%D1%81%D0%B5%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%D1%8B%20%D0%B8%20%D0%BC%D0%B0%D0%BB%D1%8B%D1%88%D0%B0
Requested by
Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
http://newmed.su/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Jun 2022 00:15:17 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://newmed.su
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
mapping
dprof.site/matching/ 		17 B
536 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=489ca399-6e73-4396-8e57-a46437ece00a
Requested by
Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 00:15:17 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
http://newmed.su
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=1574716202718920&bg=!GxilGFzNAAbASn8N4Eo7ACkAdvg8Wh0Od7rOP5cPGhjqftKbXG6QGJmUA1Aw8SLXJ_juxz3r1kzBYgIAAABLUgAAAAhoAQeZAo4jwuM2CtzN12HfV-JSMsX0x3y6T6vqC9A50NVm9voLXchZk119F2UwgA_Uk2mXfbMJcvTmGqswUuv2xz9s78Se4KOLevR9moE9i8TbLAiIJQO5OdL-TMf3gz37tB9GmVK-Aw7aICHkKV7GQPoXyCZeSV2V4ed5DmaPkwTKrAHzBRj0_IkRcmF7NmpkqeYU52_PlY1Fj2Ztbb-gIWiuHSCRQPbyv18lqhWI_453o5pChE6C0GB4jlWNpMp86o5b29CEw_IwmwG03TvZAqC9CLC0rPFazAQ9mHMK7N4paTCKgrnUsEoxQ6I-JYFEbfsu6eEbQhB2ptdWpz_KX2xEV88917V7NcqgDW_yfkGqx5HNz-9P9EZiLuoLsMIknvB8tfp_iiDPEL_L308DwkTF2oEsxdhvo4TKwLA2uNKKn-MWCtmVqsqlRsOOuM0hIDjusqvaXZAN364FT_vqQ1mTye1_NasAX51zMTzpilc9dzEA0_vKmGGxe8N6CfHWFnYZcgqQjlOcfzWvg9lJ0k7TLJQVpKIeN3vfQcKdTuLc3_85IejMlj2PB0yLN2gfo7Aeh1gG_7XcLRsEH1eT9mfiuDZ1pPfhtvyh5I3doPGLIDSFSbyPxKGvdTlBcPOMwj5VUA0qTrZHy01l27UmVJ89nh-q9SBS332HayZK4K7MZfn2HyHZOHISVENo82qNzMfLZ7dBpwvFDUCtDfQ93uLj163V6OnShTyc6pRcCgZnzyYt7DzTVdkiTb6rjuQ4kAIQ7lqqwU79TBCcwnY67urmHG_q0HCd4RXWno8p_IphQJ7TbrK2ZCpPYBA6B8dfDF7OAp_Ai6nXwp1QI7uc0OxkI-gpP-2Vdwt0N8eLojk06A8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newmed.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
56153788
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/56153788?wmode=0&wv-part=1&wv-hit=1039403414&page-url=http%3A%2F%2Fnewmed.su%2F&rn=373006297&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1655684119%3Aw%3A1600x1200%3Av%3A821%3Az%3A0%3Ai%3A20220620001518%3Au%3A1655684116333714539%3Avf%3A1axv6s0ia3io6gzr3q60o%3Awe%3A1%3Ast%3A1655684119&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newmed.su/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 00:15:18 GMT
last-modified
Mon, 20-Jun-2022 00:15:18 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://newmed.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 20-Jun-2022 00:15:18 GMT
56153788
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/56153788?wmode=0&wv-part=1&wv-hit=1039403414&page-url=http%3A%2F%2Fnewmed.su%2F&rn=698723950&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1655684119%3Aw%3A1600x1200%3Av%3A821%3Az%3A0%3Ai%3A20220620001518%3Au%3A1655684116333714539%3Avf%3A1axv6s0ia3io6gzr3q60o%3Awe%3A1%3Ast%3A1655684119&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://newmed.su/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 00:15:18 GMT
last-modified
Mon, 20-Jun-2022 00:15:18 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://newmed.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 20-Jun-2022 00:15:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
newmed.su
URL
https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Domain
newmed.su
URL
https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.woff?v=4.7.0
Domain
newmed.su
URL
https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation undefined| $ function| jQuery string| ajaxUrl string| ajaxUrlFlatPM boolean| duplicateFlatPM string| untilscrollFlatPM object| rbConfig function| ym object| pseudo_links object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wpcf7 object| tocplus object| ratingsL10n object| ratings_mouseover_image number| post_id number| post_rating boolean| is_being_rated function| current_rating function| ratings_off function| set_is_being_rated function| rate_post_success function| rate_post object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map boolean| laScriptLoaded function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| Swiper object| settings_array object| wps_ajax function| GoTo function| base64_decode function| createCookie function| readCookie function| eraseCookie object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign string| StopWidgetClassName string| FixedWidgetClassName function| Widget function| getWidgetContainer function| get_sibilings_offset function| compatabilty_FW_v5 function| queryElements function| findWithProperty object| sidebars function| reactive function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto string| cookie_clearfy_hide boolean| duplicateMode string| untilscroll function| ff object| flat_body object| flat_stack_scripts object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear string| flat_dateMonth number| flat_dateDay string| flat_dateHours number| flat_dateMinutes object| flat_userVars function| parseHTML function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_randomString function| flatPM_random function| flatPM_sanitizeUrlParams function| flatPM_getAllUrlParams function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_ping function| flatPM_setSCRIPT function| flatPM_setHTML function| flatPM_video object| flat_pm_arr function| jQueryLoaded_flatpm_123 function| jQueryLoading_flatpm_123 function| sZnZqpZRgws6TQxWZ object| id6459 object| hash object| qs object| pathname object| hostname object| $jscomp number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays object| dmpProfitclicks boolean| mtzCheck object| Ya object| yaCounter56153788 object| google_llp number| google_lpabyc object| googletag object| GoogleGcLKhOms object| google_image_requests

24 Cookies

Domain/Path Name / Value
.newmed.su/ Name: surfer_uuid
Value: d7d8c1ba-10e2-4cea-a9b0-9e3e61e99bed
.newmed.su/ Name: la_page_depth
Value: %7B%22last%22%3A%22http%3A%2F%2Fnewmed.su%2F%22%2C%22depth%22%3A1%7D
.newmed.su/ Name: page_load_uuid
Value: b10bb44f-2743-461f-8428-49ef6c1ae157
newmed.su/ Name: flat_r_mb
Value: %2F%2F%2F%3Adirect
.newmed.su/ Name: __gads
Value: ID=4c45b8a815edfe08-227c9198b8cd0074:T=1655684115:RT=1655684115:S=ALNI_MboAAn1r2IslWRAuRrEx8ViIQ3d3Q
.newmed.su/ Name: _ym_uid
Value: 1655684116333714539
.newmed.su/ Name: _ym_d
Value: 1655684116
.newmed.su/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3688665492fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1522765800fake
prodmp.ru/ Name: rai
Value: 7371f8d51843b084418cf20bb18bbe6c
.yandex.com/ Name: yandexuid
Value: 4731424031655684116
.yandex.com/ Name: yuidss
Value: 4731424031655684116
mc.yandex.com/ Name: yabs-sid
Value: 1026192471655684116
.yandex.com/ Name: i
Value: 5ePoYAtUUpLORKNyO+m/YXAYbCuTe/rFtYo4imXBP1Ypa6RnDHd0rHVmR5rtpKCpyvOcM53l72We8Yt4MJ9862M5EDI=
.yandex.com/ Name: ymex
Value: 1687220116.yrts.1655684116#1687220116.yrtsi.1655684116
.newmed.su/ Name: _ym_visorc
Value: w
.doubleclick.net/ Name: IDE
Value: AHWqTUk6styfpUQyRrlFuI8LLVo1z5-FfdZPjtS866H6TFx9gpZUTH7QuS6PDF0nvmk
.doubleclick.net/ Name: DSID
Value: NO_DATA
dmpprof.com/ Name: uid
Value: 489ca399-6e73-4396-8e57-a46437ece00a
.admixer.net/ Name: am-uid
Value: 007ad716241b49ebb5385b7055386dfc
.uuidksinc.net/ Name: jcsuuid
Value: NtQFFQrnd1sw3LVgP81z
dmpprof.com/ Name: enrich_data_v2_5
Value: 1655684117
dprof.site/ Name: uid
Value: 489ca399-6e73-4396-8e57-a46437ece00a

7 Console Messages

Source Level URL
Text
javascript error URL: http://newmed.su/(Line 384)
Message:
Access to font at 'https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'http://newmed.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://newmed.su/
Message:
Access to font at 'https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'http://newmed.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9674.9yWGsazEFNnt1c_F_bv7rQvkAxhAswpBAmkXfyXaaGdAHmn4kyqdErQ7SOHNfR9R26PffsjzOkUvZatdpMY4dg%2C%2C.IrcGe9uCNfpLsJwLBAXQCJu20g4%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: http://newmed.su/
Message:
Access to font at 'https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'http://newmed.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://newmed.su/wp-content/themes/root/fonts/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1p3opxwwet.ru
adservice.google.com
adservice.google.de
allstat-pp.ru
bveyge.com
ddyipu.com
dmpprof.com
dprof.site
esdykv.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
inv-nets.admixer.net
jin0cbonpi.ru
knkqjmjyxzev.info
m.trafmag.com
mc.yandex.com
mc.yandex.ru
newmed.su
newrrb.bid
ohgskf.com
pagead2.googlesyndication.com
partner.googleadservices.com
pdayyocpnvh.ru
prodmp.ru
s.uuidksinc.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
newmed.su
142.250.185.194
146.0.227.109
193.106.92.202
193.200.65.6
2606:4700:3036::ac43:a434
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a02:6b8::1:119
31.220.27.155
62.76.25.27
62.76.25.28
77.246.156.158
85.192.12.169
85.192.12.170
85.192.12.173
85.192.12.174
85.192.12.176
92.38.252.165
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02cf16fa6dc2aa0e9e212dcc5bb6df7395ba14b0556a183a7b4fa6f7165f01ae
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
08bf1239cd5d3f3b55855bec2f90cdc1c46b848e10d4f8546d492b359f64c97f
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180f72b1a462888e9c99697f73b7b547588d82d1d06ed4e06ad1d517a3d6ed90
1e508a9583f7eed5aaf6ab887e2a95f01855809251830231b765a3d59e43d96c
28b7cbb5b98a227c8ab6a4599ddb4296d1216894a7b5a2ec43314445dc1a3dc5
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
2a1e5f133bda3e06c7120cd15b93f918e47e43b57838d22dbb2f84fba0dc37d5
2aa5f2a6fbbfcff9c183dc7127a61dccfc7a45f0adcb2db83c705ec52010a747
2e4cd00b0c739429843de5055d3574fa4a52b60788dfe7e8f2e635a2f293d069
300800dddd60d24b6ad5fa115c8a0e3bbd05b7816637cb84e6bfa220d63d86d0
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
380c82f7c5f65cc16d41c9c1deaa67cdccf8895b6cc5f11e54e2caa0b53625b3
3b78d11aec517980fc5d2d862be2cff7f33fe664dcc3195c78933620665ff520
3cf06aa9750de99e60e27c9e8c10820e65cc00d549d2a754eae94b117fd6b72d
3f8717f3516b26079c7ec8285d97f615fa1ddb49a75d1d15a9250da32a58fbe7
4088c4396769f8eda76e6f28917417d031b5d62da99e90135de61cefa16dfafa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4c2340290b01501d8be54936b909a4f632b4850f678556d8de7107aee18b81a2
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563e6a376dbe2765998546d4a4a91b2b412359575f0d2b46b4b0b1311ed43fc5
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5a7d5c45c249a55ad504367550f267e67efa11725473449edeb102f3196f7fae
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d727db9ea126c70ff3a6f3fb73d6bb23f47e40961c4acbd010fe7c549fe0d11
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60b4eabeef1684e972476bf2101718583f7c8f69197628409edde64f9dbe95ed
61ada9b83597e2e32fbd97bcae60e076ec160c1151e58bc18ff6473c2c1a5141
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7
70cd5366e26d943884b899bbb472b0b4660928d04c457fb45045339312fb5e41
7481ca08ab9f3cba9123f51023007c2132b1b31c09009c0a9dca77c1c2c98631
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8673987f2f638a5e83b8e0087c779a3cd6e04dda08df201df62ffb4882c2b9dc
8932b8c403683ed70dbd19bb944d3b32f111bd824483ec143c1ff785fac92af8
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
90d77a254eccf68a9d5663dc0a842fab7c7a0050b6c97eabf58bcdab4a693167
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9ab327a1b2500b2d50c3567e7b4acd32e9521404f30bad79ec5a7ca83aaf8238
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7cf13ab9acdd3713c25cd47c316343e4c529aa6c2edd5a516a64b1232756d43
b09f6e0f73e931af8bafe9e4bacea1fd93a7ef96c6e878ff02cd74d1675d97d8
b3022c944ba7abe83f2d109c8c59307ae8eb213172e7a6236e854fd0d361e1de
b50a28f3f1f8898552f68b8f271ad72f3289c6d8410988c78ba8917327a867a3
b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
c8073b264978f2ae496e7eabc33553474a088f0fedeb214a8513ee97564f1149
c83800cecd9f6b66d3bcb66c1ff655d2ad471593663302962cfe690d1891c55b
c872bc431f22ca32cf2df1d43efc5092f00d2e3c151906ba262ff56fc4e9d3ae
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6
d5c4c719bbe7e725cacca1f8b9ef0e087fa6b4f97d15cac3992b60f6be9bedd1
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dee92009ae98358c0623d4f4f01cfc3318825931f1903e987e76e366838bc9b4
e1218b6a9fc669575b430a6146d6457885b1927ff49994b0e8d1232eef55860d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc41e1a0b261df497931157a74047db3e99aa20865d24fdcb5450b3bf02a2135
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40