news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
92.38.192.253200 OK 6.5 kB URL User Request GET HTTP/1.1 news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
IP 92.38.192.253:443
ASN #12695 LLC Digital Network
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1875)
Hash b56979bd8846a7ffeb27f49ade6eec18
f07805ff04d5a997178c32c5495e79f6e85ccf49
99a62168e3b0e64e78e61fcf0d10c6b8c2015ef1a25dfb85a65c61c194deb3b5
GET /preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
X_domain: news-fun.com
X_theme: outofwindow3.desktop
Content-Encoding: gzip
news-fun.com/static/outofwindow3.desktop/css/grid.min.css
92.38.192.253200 OK 6.6 kB URL GET HTTP/1.1 news-fun.com/static/outofwindow3.desktop/css/grid.min.css
IP 92.38.192.253:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type ASCII text, with very long lines (51776), with no line terminators
Hash bb2187ffc39c45384458524b1dd9253b
5d8db7d19fd63fe48fc2e187c970d82e0af37592
21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d
GET /static/outofwindow3.desktop/css/grid.min.css HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: text/css
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64413ca8-ca40"
Content-Encoding: gzip
news-fun.com/static/outofwindow3.desktop/js/app.00f8d6be.js
85.192.12.172200 OK 9.4 kB URL GET HTTP/1.1 news-fun.com/static/outofwindow3.desktop/js/app.00f8d6be.js
IP 85.192.12.172:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type Unicode text, UTF-8 text, with very long lines (60992)
Hash 258b95b65f635441e2aecedec2721f0d
dad2dbda33feb4ba5c79e46684bf143057182cb7
0388cd4f4ba4ac87bb45200f2554c80ba9a6ccbcb53faed6edcf31c69437ca74
GET /static/outofwindow3.desktop/js/app.00f8d6be.js HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64413ca8-eebe"
Content-Encoding: gzip
news-fun.com/static/outofwindow3.desktop/css/style.min.css
85.192.12.172200 OK 2.9 kB URL GET HTTP/1.1 news-fun.com/static/outofwindow3.desktop/css/style.min.css
IP 85.192.12.172:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type ASCII text, with very long lines (10290), with no line terminators
Hash d38541ab402216e5d06b9eebbda15227
40835452d8b01b09a3946781224301006f5da7b1
2c19f3af00a3bddd2fff8453cb4279fdf8c01d37f8b41f3d05df174f6795b99c
GET /static/outofwindow3.desktop/css/style.min.css HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: text/css
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64413ca8-2832"
Content-Encoding: gzip
news-fun.com/static/outofwindow3.desktop/js/chunk-vendors.9addc034.js
92.38.192.253200 OK 93 kB URL GET HTTP/1.1 news-fun.com/static/outofwindow3.desktop/js/chunk-vendors.9addc034.js
IP 92.38.192.253:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type Unicode text, UTF-8 text, with very long lines (34959)
Hash 1e5443bb26c79a9d5527f9d70ca795b3
e7d1e550a4b3df182e6b69f9edbdf16f2d6ab896
6f730f22e2630767cd0c7bb900da08367b43081ecbbb524e039093a6783a0f2c
GET /static/outofwindow3.desktop/js/chunk-vendors.9addc034.js HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64413ca8-42ade"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0affd42f3b881bc89a46594868663e52
03ca33c099bbc747c00360101c6ca6e21810aa07
1a1eb9e073803bd3864fdc023b727bcdd97df9074a2b8a657769da4a8b858d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
argoling-fit.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
85.192.12.172200 OK 4.3 kB URL GET HTTP/1.1 argoling-fit.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
IP 85.192.12.172:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectmercery-docking.com
FingerprintE3:2C:05:35:92:5D:48:71:41:2E:CB:A9:3A:C3:A9:6E:94:F1:87:82
ValidityTue, 16 May 2023 08:43:37 GMT - Mon, 14 Aug 2023 08:43:36 GMT
Hash 532d65124126e0a47d948a19fd7453eb
d264164dc19d327da89b0693ac648367d3d32f99
c2ac3277371cdb8efe776ac3411e033b6b2db20a81e44f7b5833be264f1bd719
GET /1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js HTTP/1.1
Host: argoling-fit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Nov 2022 13:46:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636e5253-37cf"
Content-Encoding: gzip
fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
142.250.74.106200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
IP 142.250.74.106:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type gzip compressed data, max compression\012- data
Hash a97a06d38f09a70c428d24155d2c7b65
08c2a5afa39cfed48ba9bb4c8db5f6fd8c2c36e2
8d645d60a1b1710934299f7f602fe73a00ae80d0adf6562efc881ba2b1bc6616
GET /css?family=Roboto:300,400,500,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Jun 2023 15:00:40 GMT
date: Sat, 03 Jun 2023 15:00:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 03:11:48 GMT
expires: Sun, 02 Jun 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 42532
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
216.58.207.227200 OK 9.6 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP 216.58.207.227:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 18:53:44 GMT
expires: Wed, 29 May 2024 18:53:44 GMT
cache-control: public, max-age=31536000
age: 331616
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prodmp.ru/pclicks.js
193.106.92.202200 OK 0 B IP 193.106.92.202:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectprodmp.ru
Fingerprint08:A6:37:7C:29:1D:0D:E2:B3:96:AC:30:FA:09:8F:54:1E:A7:82:49
ValidityTue, 02 May 2023 03:22:09 GMT - Mon, 31 Jul 2023 03:22:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pclicks.js HTTP/1.1
Host: prodmp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 15:00:40 GMT
content-type: text/javascript
content-length: 0
set-cookie: rai=4543d020db84dead82616796b65389ab; Path=/; Expires=Fri, 01-Sep-2023 15:00:40 GMT; Max-Age=7776000; Secure; HttpOnly; SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
news-fun.com/favicon.ico
92.38.192.253204 No Content 0 B IP 92.38.192.253:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:41 GMT
Connection: keep-alive
dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-&dmp_print_id=4cb725660c43031e3b06c75892d96c5a
85.192.12.174200 OK 168 B URL GET HTTP/2 dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-&dmp_print_id=4cb725660c43031e3b06c75892d96c5a
IP 85.192.12.174:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectdmpprof.com
FingerprintC3:8C:83:41:0D:B5:16:30:83:92:56:99:D6:A2:27:C9:43:A8:14:D3
ValiditySat, 20 May 2023 05:41:58 GMT - Fri, 18 Aug 2023 05:41:57 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c3cc3b2323e0c38c356c7ec3c38439f4
846f156ccc43f47439e8735c562278ec104dba9f
bd52fd5d0c75b6df686b66f59a7c86f788d46e7cf1b1f18445f7b500d502197b
GET /matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-&dmp_print_id=4cb725660c43031e3b06c75892d96c5a HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-fun.com/
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: application/json
content-length: 168
access-control-allow-origin: https://news-fun.com
set-cookie: uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; expires=Sat, 03 Jun 2023 17:00:41 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
prodmp.ru/pclicks/demography?domain=news-fun.com
193.106.92.202200 OK 3 B URL GET HTTP/2 prodmp.ru/pclicks/demography?domain=news-fun.com
IP 193.106.92.202:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectprodmp.ru
Fingerprint08:A6:37:7C:29:1D:0D:E2:B3:96:AC:30:FA:09:8F:54:1E:A7:82:49
ValidityTue, 02 May 2023 03:22:09 GMT - Mon, 31 Jul 2023 03:22:08 GMT
File type JSON data\012- , ASCII text
Hash 58e0494c51d30eb3494f7c9198986bb9
cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
GET /pclicks/demography?domain=news-fun.com HTTP/1.1
Host: prodmp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-fun.com/
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Cookie: rai=4543d020db84dead82616796b65389ab
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: application/json
content-length: 3
access-control-allow-credentials: true
access-control-allow-origin: https://news-fun.com
X-Firefox-Spdy: h2
prodmp.ru/profitclicks?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
193.106.92.202200 OK 0 B URL GET HTTP/2 prodmp.ru/profitclicks?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
IP 193.106.92.202:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectprodmp.ru
Fingerprint08:A6:37:7C:29:1D:0D:E2:B3:96:AC:30:FA:09:8F:54:1E:A7:82:49
ValidityTue, 02 May 2023 03:22:09 GMT - Mon, 31 Jul 2023 03:22:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /profitclicks?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a HTTP/1.1
Host: prodmp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Cookie: rai=4543d020db84dead82616796b65389ab
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-allow-credentials: true
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 07:44:41 GMT
expires: Sun, 02 Jun 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 26160
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
news-fun.com/static/outofwindow3.desktop/img/arrow-right-circle.png
92.38.192.253200 OK 676 B URL GET HTTP/1.1 news-fun.com/static/outofwindow3.desktop/img/arrow-right-circle.png
IP 92.38.192.253:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 63b832f84f9d1597b5a74f389abff60f
ecec02bb00308dfacb81120bfb2a28280926a155
f44cbdd6870924cf39f27ff12eb903a0ca9208e4817a9433d983bb23e6edc072
GET /static/outofwindow3.desktop/img/arrow-right-circle.png HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/static/outofwindow3.desktop/css/style.min.css
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/png
Content-Length: 676
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Connection: keep-alive
ETag: "64413ca8-2a4"
Accept-Ranges: bytes
dmpprof.com/enr?href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D%26uid%3Dtemp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-
85.192.12.174200 OK 2 B URL POST HTTP/2 dmpprof.com/enr?href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D%26uid%3Dtemp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-
IP 85.192.12.174:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectdmpprof.com
FingerprintC3:8C:83:41:0D:B5:16:30:83:92:56:99:D6:A2:27:C9:43:A8:14:D3
ValiditySat, 20 May 2023 05:41:58 GMT - Fri, 18 Aug 2023 05:41:57 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /enr?href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D%26uid%3Dtemp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20- HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-fun.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 10
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Cookie: uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: text/plain; charset=utf-8
content-length: 2
set-cookie: enrich_data_v2_5=1685804441; expires=Sat, 17 Jun 2023 15:00:41 GMT; path=/; secure; SameSite=None
access-control-allow-origin: https://news-fun.com
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
X-Firefox-Spdy: h2
news-fun.com/api/get-n-item?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1
85.192.12.172200 OK 2.3 kB URL GET HTTP/1.1 news-fun.com/api/get-n-item?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1
IP 85.192.12.172:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4510)
Hash b119c1e64b78c1b0b93f6ace69a504b8
715e0bb8803090cb690f63c488bf29b1ce68a800
0962c1fd2afb956272cc28ae1d758113c5232ae2033723ed34d9bf02bd466ce7
GET /api/get-n-item?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1 HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:39:40 GMT
expires: Wed, 29 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
age: 321661
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
216.58.207.227200 OK 9.8 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP 216.58.207.227:443
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash 7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 07:39:04 GMT
expires: Sun, 02 Jun 2024 07:39:04 GMT
cache-control: public, max-age=31536000
age: 26497
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dprof.site/matching/mapping?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
85.192.12.174200 OK 17 B URL GET HTTP/2 dprof.site/matching/mapping?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
IP 85.192.12.174:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectdmpprof.com
FingerprintC3:8C:83:41:0D:B5:16:30:83:92:56:99:D6:A2:27:C9:43:A8:14:D3
ValiditySat, 20 May 2023 05:41:58 GMT - Fri, 18 Aug 2023 05:41:57 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
GET /matching/mapping?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a HTTP/1.1
Host: dprof.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-fun.com/
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: https://news-fun.com
set-cookie: uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; expires=Sat, 03 Jun 2023 17:00:41 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
news-fun.com/api/get-items?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.5503582124277114&theme=outofwindow3&is_video=0&resolution_width=1280&resolution_height=1024&article=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38
85.192.12.172200 OK 2.4 kB URL GET HTTP/1.1 news-fun.com/api/get-items?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.5503582124277114&theme=outofwindow3&is_video=0&resolution_width=1280&resolution_height=1024&article=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38
IP 85.192.12.172:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7519)
Hash 7399c5809bdc22de09aa7a41aaf9bd0c
c85790326dba4ccce6b4c664cb9f0e8b66587757
5e75db4ec49ed942265e7b38a1d89f96d3c44c71b2cbc138649c2bccfe93225d
GET /api/get-items?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.5503582124277114&theme=outofwindow3&is_video=0&resolution_width=1280&resolution_height=1024&article=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38 HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Set-Cookie: templates_show_id=1; Path=/; Expires=Mon, 03 Jul 2023 15:00:41 GMT; Secure; SameSite=None
Content-Encoding: gzip
news-fun.com/images/news/rectangular/ef743b413858a40809129fffcc7fe5ae.jpg
92.38.192.253200 OK 89 kB URL GET HTTP/1.1 news-fun.com/images/news/rectangular/ef743b413858a40809129fffcc7fe5ae.jpg
IP 92.38.192.253:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Hash 2da92b10b9e9c5951ea43ef81bd306c8
05185d885cbae0926a6b4def66bbf907ae54eec1
c8cf323f90892c392df3165ab77c103f7d0cdeef1977e1f82ee545addbd6706e
GET /images/news/rectangular/ef743b413858a40809129fffcc7fe5ae.jpg HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/jpeg
Content-Length: 88581
Last-Modified: Mon, 15 Nov 2021 09:45:01 GMT
Connection: keep-alive
ETag: "61922c1d-15a05"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
best-viewer.ru/image.gif?sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_source={subid}&utm_medium=11736&client_id=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&sid6={creative}&sid7={source}&category=0&resolution_width=1280&resolution_height=1024&connection_speed=
85.192.12.187200 OK 43 B URL GET HTTP/1.1 best-viewer.ru/image.gif?sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_source={subid}&utm_medium=11736&client_id=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&sid6={creative}&sid7={source}&category=0&resolution_width=1280&resolution_height=1024&connection_speed=
IP 85.192.12.187:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectbest-viewer.ru
Fingerprint80:2A:70:47:3B:EE:2B:71:69:3F:79:2F:EC:12:1B:56:96:F4:A1:2C
ValiditySun, 21 May 2023 06:05:48 GMT - Sat, 19 Aug 2023 06:05:47 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /image.gif?sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_source={subid}&utm_medium=11736&client_id=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&sid6={creative}&sid7={source}&category=0&resolution_width=1280&resolution_height=1024&connection_speed= HTTP/1.1
Host: best-viewer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://news-fun.com
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Sat, 03 Jun 2023 15:00:41 GMT
Pragma: no-cache
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJGaXJlZm94IiwiYnYiOiIxMTEifSwibCI6eyJyIjoiIiwibiI6MjAwNDcsImlzcCI6IkJsaXggU29sdXRpb25zIn19; Path=/; Expires=Mon, 03 Jul 2023 15:00:41 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoidGVtcC05MS45MC40Mi4xNTQtNGNiNzI1NjYwYzQzMDMxZTNiMDZjNzU4OTJkOTZjNWEiLCJkX29mZnNldCI6LTF9; Path=/; Expires=Mon, 03 Jul 2023 15:00:41 GMT; Secure; SameSite=None
article=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38; Path=/; Expires=Mon, 03 Jul 2023 15:00:41 GMT; Secure; SameSite=None
news-fun.com/images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg
85.192.12.172200 OK 32 kB URL GET HTTP/1.1 news-fun.com/images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg
IP 85.192.12.172:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Hash b5caf78e83b265f2cc1291ce033fcf8c
7a19d6c2ee676e353ecf5134ad6692104734a38c
23af3cab2aa895b0a895b78d35674e5c9ee1e60d2e87b8a72174271c8a58ac4f
GET /images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/jpeg
Content-Length: 32415
Last-Modified: Mon, 17 May 2021 09:39:45 GMT
Connection: keep-alive
ETag: "60a239e1-7e9f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
news-fun.com/images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg
85.192.12.172200 OK 53 kB URL GET HTTP/1.1 news-fun.com/images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg
IP 85.192.12.172:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Hash 8b3afd19efb3a5c533104143dc4bfd2d
54047e59ac85fe49284b7a3ab112d9e38b2dd70e
8827e97c3acc5aa46e17afe33992ca6873a6a21c2ba4c9636df7b4ce9e99a2e6
GET /images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/jpeg
Content-Length: 53021
Last-Modified: Sun, 16 May 2021 15:16:35 GMT
Connection: keep-alive
ETag: "60a13753-cf1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
news-fun.com/images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg
85.192.12.172200 OK 64 kB URL GET HTTP/1.1 news-fun.com/images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg
IP 85.192.12.172:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Hash 167456a0a70e6ba9ad8c2a4d97159c35
daab43afa39def914cfc353d5931bbf109314980
628680c65e853e7fc4490c6729618581308ecec8ae9da2273ad04e12afa5376c
GET /images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/jpeg
Content-Length: 64249
Last-Modified: Thu, 08 Apr 2021 12:50:28 GMT
Connection: keep-alive
ETag: "606efc14-faf9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
news-fun.com/api/set-view
92.38.192.253200 OK 54 B URL POST HTTP/1.1 news-fun.com/api/set-view
IP 92.38.192.253:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT
File type JSON data\012- , ASCII text
Hash c01891a0ae732aee4b60969750b3ccf2
c72a105f2f7108e48e012dbd8e162e2056ad36b1
5d11a7da52bb89f362ad17ee9f250103db4e4f1eba2e7ac362e04e0a0438fcc1
POST /api/set-view HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2010
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; templates_show_id=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:42 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
tat3ayogh6.com/pixels/38a89e25.js
85.192.12.173200 OK 145 kB URL GET HTTP/2 tat3ayogh6.com/pixels/38a89e25.js
IP 85.192.12.173:443
ASN #12695 LLC Digital Network
Requested by https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate IssuerLet's Encrypt
Subjectpwrlkyotm.com
Fingerprint58:7C:D2:DB:4F:B1:A4:43:45:85:97:8A:EA:F7:D4:5C:AA:8F:0E:54
ValidityFri, 05 May 2023 06:02:52 GMT - Thu, 03 Aug 2023 06:02:51 GMT
Size 145 kB (144734 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixels/38a89e25.js HTTP/1.1
Host: tat3ayogh6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 03 Jun 2023 15:00:40 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-store
last-modified: Mon, 17 Apr 2023 08:43:01 GMT
content-encoding: gzip
X-Firefox-Spdy: h2