Report - news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm

Report Overview

Submitted URL
news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
IP
85.192.12.172
ASN
#12695 LLC Digital Network
Submitted
2023-06-03 15:00:57
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-02	1.3 kB	2.8 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-02	457 B	1.8 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-03	2.6 kB	71 kB	216.58.207.227
dmpprof.com	19328	2020-03-23	2020-05-10	2023-06-03	2.1 kB	1.4 kB	85.192.12.174
best-viewer.ru	257111	2019-11-19	2019-12-03	2023-05-26	700 B	1.2 kB	85.192.12.187
news-fun.com	unknown	2022-12-22	2015-12-18	2023-05-28	10 kB	367 kB	92.38.192.253
argoling-fit.com	unknown	2023-05-15	2023-05-31	2023-05-31	435 B	4.6 kB	85.192.12.172
prodmp.ru	41525	2019-11-05	2019-11-06	2023-06-02	1.4 kB	781 B	193.106.92.202
dprof.site	166315	2021-09-23	2021-09-23	2023-06-02	495 B	722 B	85.192.12.174
tat3ayogh6.com	unknown	2022-09-20	2022-09-21	2023-06-02	408 B	145 kB	85.192.12.173

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-03	medium	tat3ayogh6.com

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	1.8 kB	2023-06-03	2023-06-03
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 17:00:58 Last Seen2023-06-03 17:00:58 Times Seen1 Hash 7ea90f5a440fbf37cb192968d3460d91 b5de694c7dee048d4bb8ee2dc122cebe83afc382 6491ff14cdb25849cfb024b4534aafd14617b84b92d53814675c0b127c0abf01 Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	163 B	2023-03-08	2024-02-27
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 07:29:14 Last Seen2024-02-27 08:10:29 Times Seen104 Hash 4b2fd25fc7570aaf4adbc2902cdb8d16 728d0035775c14d902af75de794e5c8542c36fa0 24f601d1b6f31f6a070a0849f1b5eab023d2bc94cff9170fa9d45d72d025fda5 Loading...

	tat3ayogh6.com/pixels/38a89e25.js	145 kB	2023-04-19	2024-03-02
Pretty URL tat3ayogh6.com/pixels/38a89e25.js IP 85.192.12.173 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-19 14:26:25 Last Seen2024-03-02 16:38:56 Times Seen690 Hash ede21b86931f4f35e26efe0d9c6a6c3c c77a1751937f5fea55283a7ba5b2d00ef08b8ed4 28cce79fbfb93f180d0e7533ca3a43bd5faa37c45cf1598d4485f5e080bc83cc Loading...

	news-fun.com/static/outofwindow3.desktop/js/chunk-vendors.9addc034.js	273 kB	2023-04-25	2023-06-19
Pretty URL news-fun.com/static/outofwindow3.desktop/js/chunk-vendors.9addc034.js IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-25 14:05:49 Last Seen2023-06-19 03:11:13 Times Seen32 Hash 6a426cc1a8f6cfc2ba421c1debecac11 4f3dcfe5e332723aab1a6bf40ae76aa7c67fe554 f0dd1bbc1877452532bb5f5813a20ffe907da686af4a054b42fc8e8199ad203e Loading...

	news-fun.com/static/outofwindow3.desktop/js/app.00f8d6be.js	61 kB	2023-04-25	2023-06-19
Pretty URL news-fun.com/static/outofwindow3.desktop/js/app.00f8d6be.js IP 85.192.12.172 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-25 14:05:49 Last Seen2023-06-19 03:11:13 Times Seen65 Hash 258b95b65f635441e2aecedec2721f0d dad2dbda33feb4ba5c79e46684bf143057182cb7 0388cd4f4ba4ac87bb45200f2554c80ba9a6ccbcb53faed6edcf31c69437ca74 Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	2.0 kB	2023-03-08	2024-02-27
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 07:29:14 Last Seen2024-02-27 08:10:29 Times Seen104 Hash 2c13f9eb26cdd8bed8a4b97bdd0c4d43 3782d8a8ae4bb32bd3bc61612065130844a78ff1 7245778e1cc091b069dcfdd1ffdebdac645a239cfe6bd145b62fb19da2881bed Loading...

	prodmp.ru/pclicks.js	0 B	2023-03-07	2024-04-25
Pretty URL prodmp.ru/pclicks.js IP 193.106.92.202 ASN #48614 ITSOFT LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 00:03:28 Times Seen37050705 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	13 B	2023-03-07	2024-04-24
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:50:18 Last Seen2024-04-24 00:28:51 Times Seen814 Hash 8e742d11d6b24c401e35f3b516726584 89b72153bd7e6390415ba25b9b5fbe750e6e16d5 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40 Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	4.7 kB	2023-04-25	2024-04-05
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:05:49 Last Seen2024-04-05 13:31:30 Times Seen95 Hash 9f8836c94ed140ef2b61a20cc33c4425 3d77efef1c4533e807a3d3e933812c0996b27786 918539d3ce8dd9173e3cbe4be24f179590ea6859b5d1cc9bcbbc5354d20bb717 Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	1.6 kB	2023-03-07	2024-04-19
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:50:18 Last Seen2024-04-19 10:33:43 Times Seen107 Hash cefeaf107cf4ea904198a25ce287c749 0ce821318d3c06ca6be9e2d25c9212c99240492f c940d27f84a2d9a115855dc93b3f98d8e9990e979d82cc1d1d7b3a88dfa35c8c Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	520 B	2023-04-25	2024-04-19
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:05:49 Last Seen2024-04-19 10:33:44 Times Seen101 Hash 0ecbef2fe3dd74ace4ff70c949cd4572 40493ff5c4b1a05e61256a9a2ba640e64f7c0299 20f7d445ff52c6baac1489937a61431ea5c293fb6dc480b22f29f1277e27d0c0 Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	5.9 kB	2023-04-25	2024-04-19
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:05:49 Last Seen2024-04-19 10:33:43 Times Seen98 Hash a8a016e42d0cd02fdb88bbe44e1691d3 0720b760906f353568ee31173f51924082ddc5ab 16131e407a0ab1cfd7a8fd5285a427292fc0b72ed1b8fc5d8ad762a5e0a3ee21 Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	822 B	2023-04-25	2024-02-02
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:05:49 Last Seen2024-02-02 11:41:26 Times Seen81 Hash 6dffbf673e93a4b99beea555b5cfa488 2ab5c27a0dcd00e7aa8785bf7a1124d8fc943be5 033d99c7592da94136086c596a73fbdc5cfc59498f32fc32e11f239a1d64ee5e Loading...

	argoling-fit.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js	14 kB	2023-04-25	2023-09-18
Pretty URL argoling-fit.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js IP 85.192.12.172 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-25 14:05:49 Last Seen2023-09-18 15:39:37 Times Seen58 Hash 91f1ffc74cfd68534e4f6b535ad7ea02 5c3970c7a14e19900a565ed61b205f44b62b2fc3 e89be1aad5c352c9a72c4df1ceb51d88a4a339a4227a70626cbb8c7f62886907 Loading...

	news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}	468 B	2023-03-13	2023-07-18
Pretty URL news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} IP 92.38.192.253 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 12:08:57 Last Seen2023-07-18 11:32:45 Times Seen47 Hash 0b56a50b5f13be24a5b92a3420a9386d da3bf293fb537d0c5e968cba79a73bf60deec53f 05f936416f3c9822d7ad57a4930cc3cf3632b8990ba00e1061a7ccb92eef1f61 Loading...

HTTP Transactions (33)

URL IP Response Size

news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}

92.38.192.253

200 OK

6.5 kB

URL User Request GET HTTP/1.1
news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
IP
92.38.192.253:443
ASN
#12695 LLC Digital Network

Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1875)
Size
6.5 kB (6498 bytes)
Hash
b56979bd8846a7ffeb27f49ade6eec18
f07805ff04d5a997178c32c5495e79f6e85ccf49
99a62168e3b0e64e78e61fcf0d10c6b8c2015ef1a25dfb85a65c61c194deb3b5

HTTP Headers

GET /preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid} HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
X_domain: news-fun.com
X_theme: outofwindow3.desktop
Content-Encoding: gzip

news-fun.com/static/outofwindow3.desktop/css/grid.min.css

92.38.192.253

200 OK

6.6 kB

URL GET HTTP/1.1
news-fun.com/static/outofwindow3.desktop/css/grid.min.css
IP
92.38.192.253:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
ASCII text, with very long lines (51776), with no line terminators
Size
6.6 kB (6566 bytes)
Hash
bb2187ffc39c45384458524b1dd9253b
5d8db7d19fd63fe48fc2e187c970d82e0af37592
21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d

HTTP Headers

GET /static/outofwindow3.desktop/css/grid.min.css HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: text/css
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64413ca8-ca40"
Content-Encoding: gzip

news-fun.com/static/outofwindow3.desktop/js/app.00f8d6be.js

85.192.12.172

200 OK

9.4 kB

URL GET HTTP/1.1
news-fun.com/static/outofwindow3.desktop/js/app.00f8d6be.js
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
Unicode text, UTF-8 text, with very long lines (60992)
Size
9.4 kB (9442 bytes)
Hash
258b95b65f635441e2aecedec2721f0d
dad2dbda33feb4ba5c79e46684bf143057182cb7
0388cd4f4ba4ac87bb45200f2554c80ba9a6ccbcb53faed6edcf31c69437ca74

HTTP Headers

GET /static/outofwindow3.desktop/js/app.00f8d6be.js HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64413ca8-eebe"
Content-Encoding: gzip

news-fun.com/static/outofwindow3.desktop/css/style.min.css

85.192.12.172

200 OK

2.9 kB

URL GET HTTP/1.1
news-fun.com/static/outofwindow3.desktop/css/style.min.css
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
ASCII text, with very long lines (10290), with no line terminators
Size
2.9 kB (2856 bytes)
Hash
d38541ab402216e5d06b9eebbda15227
40835452d8b01b09a3946781224301006f5da7b1
2c19f3af00a3bddd2fff8453cb4279fdf8c01d37f8b41f3d05df174f6795b99c

HTTP Headers

GET /static/outofwindow3.desktop/css/style.min.css HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: text/css
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64413ca8-2832"
Content-Encoding: gzip

news-fun.com/static/outofwindow3.desktop/js/chunk-vendors.9addc034.js

92.38.192.253

200 OK

93 kB

URL GET HTTP/1.1
news-fun.com/static/outofwindow3.desktop/js/chunk-vendors.9addc034.js
IP
92.38.192.253:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
Unicode text, UTF-8 text, with very long lines (34959)
Size
93 kB (92864 bytes)
Hash
1e5443bb26c79a9d5527f9d70ca795b3
e7d1e550a4b3df182e6b69f9edbdf16f2d6ab896
6f730f22e2630767cd0c7bb900da08367b43081ecbbb524e039093a6783a0f2c

HTTP Headers

GET /static/outofwindow3.desktop/js/chunk-vendors.9addc034.js HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64413ca8-42ade"
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0affd42f3b881bc89a46594868663e52
03ca33c099bbc747c00360101c6ca6e21810aa07
1a1eb9e073803bd3864fdc023b727bcdd97df9074a2b8a657769da4a8b858d97

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

argoling-fit.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js

85.192.12.172

200 OK

4.3 kB

URL GET HTTP/1.1
argoling-fit.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectmercery-docking.com
FingerprintE3:2C:05:35:92:5D:48:71:41:2E:CB:A9:3A:C3:A9:6E:94:F1:87:82
ValidityTue, 16 May 2023 08:43:37 GMT - Mon, 14 Aug 2023 08:43:36 GMT

File type
Unicode text, UTF-8 text
Size
4.3 kB (4296 bytes)
Hash
532d65124126e0a47d948a19fd7453eb
d264164dc19d327da89b0693ac648367d3d32f99
c2ac3277371cdb8efe776ac3411e033b6b2db20a81e44f7b5833be264f1bd719

HTTP Headers

GET /1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js HTTP/1.1
Host: argoling-fit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:40 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Nov 2022 13:46:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636e5253-37cf"
Content-Encoding: gzip

fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1193 bytes)
Hash
a97a06d38f09a70c428d24155d2c7b65
08c2a5afa39cfed48ba9bb4c8db5f6fd8c2c36e2
8d645d60a1b1710934299f7f602fe73a00ae80d0adf6562efc881ba2b1bc6616

HTTP Headers

GET /css?family=Roboto:300,400,500,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Jun 2023 15:00:40 GMT
date: Sat, 03 Jun 2023 15:00:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 03:11:48 GMT
expires: Sun, 02 Jun 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 42532
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Size
9.6 kB (9644 bytes)
Hash
6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 18:53:44 GMT
expires: Wed, 29 May 2024 18:53:44 GMT
cache-control: public, max-age=31536000
age: 331616
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

prodmp.ru/pclicks.js

193.106.92.202

200 OK

0 B

URL GET HTTP/2
prodmp.ru/pclicks.js
IP
193.106.92.202:443
ASN
#48614 ITSOFT LLC

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectprodmp.ru
Fingerprint08:A6:37:7C:29:1D:0D:E2:B3:96:AC:30:FA:09:8F:54:1E:A7:82:49
ValidityTue, 02 May 2023 03:22:09 GMT - Mon, 31 Jul 2023 03:22:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pclicks.js HTTP/1.1
Host: prodmp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 15:00:40 GMT
content-type: text/javascript
content-length: 0
set-cookie: rai=4543d020db84dead82616796b65389ab; Path=/; Expires=Fri, 01-Sep-2023 15:00:40 GMT; Max-Age=7776000; Secure; HttpOnly; SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 15:00:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

news-fun.com/favicon.ico

92.38.192.253

204 No Content

0 B

URL GET HTTP/1.1
news-fun.com/favicon.ico
IP
92.38.192.253:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:41 GMT
Connection: keep-alive

dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-&dmp_print_id=4cb725660c43031e3b06c75892d96c5a

85.192.12.174

200 OK

168 B

URL GET HTTP/2
dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-&dmp_print_id=4cb725660c43031e3b06c75892d96c5a
IP
85.192.12.174:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectdmpprof.com
FingerprintC3:8C:83:41:0D:B5:16:30:83:92:56:99:D6:A2:27:C9:43:A8:14:D3
ValiditySat, 20 May 2023 05:41:58 GMT - Fri, 18 Aug 2023 05:41:57 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
168 B (168 bytes)
Hash
c3cc3b2323e0c38c356c7ec3c38439f4
846f156ccc43f47439e8735c562278ec104dba9f
bd52fd5d0c75b6df686b66f59a7c86f788d46e7cf1b1f18445f7b500d502197b

HTTP Headers

GET /matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-&dmp_print_id=4cb725660c43031e3b06c75892d96c5a HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-fun.com/
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: application/json
content-length: 168
access-control-allow-origin: https://news-fun.com
set-cookie: uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; expires=Sat, 03 Jun 2023 17:00:41 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2

prodmp.ru/pclicks/demography?domain=news-fun.com

193.106.92.202

200 OK

3 B

URL GET HTTP/2
prodmp.ru/pclicks/demography?domain=news-fun.com
IP
193.106.92.202:443
ASN
#48614 ITSOFT LLC

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectprodmp.ru
Fingerprint08:A6:37:7C:29:1D:0D:E2:B3:96:AC:30:FA:09:8F:54:1E:A7:82:49
ValidityTue, 02 May 2023 03:22:09 GMT - Mon, 31 Jul 2023 03:22:08 GMT

File type
JSON data\012- , ASCII text
Size
3 B (3 bytes)
Hash
58e0494c51d30eb3494f7c9198986bb9
cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

HTTP Headers

GET /pclicks/demography?domain=news-fun.com HTTP/1.1
Host: prodmp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-fun.com/
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Cookie: rai=4543d020db84dead82616796b65389ab
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: application/json
content-length: 3
access-control-allow-credentials: true
access-control-allow-origin: https://news-fun.com
X-Firefox-Spdy: h2

prodmp.ru/profitclicks?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a

193.106.92.202

200 OK

0 B

URL GET HTTP/2
prodmp.ru/profitclicks?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
IP
193.106.92.202:443
ASN
#48614 ITSOFT LLC

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectprodmp.ru
Fingerprint08:A6:37:7C:29:1D:0D:E2:B3:96:AC:30:FA:09:8F:54:1E:A7:82:49
ValidityTue, 02 May 2023 03:22:09 GMT - Mon, 31 Jul 2023 03:22:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /profitclicks?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a HTTP/1.1
Host: prodmp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Cookie: rai=4543d020db84dead82616796b65389ab
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-allow-credentials: true
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 07:44:41 GMT
expires: Sun, 02 Jun 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 26160
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

news-fun.com/static/outofwindow3.desktop/img/arrow-right-circle.png

92.38.192.253

200 OK

676 B

URL GET HTTP/1.1
news-fun.com/static/outofwindow3.desktop/img/arrow-right-circle.png
IP
92.38.192.253:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
676 B (676 bytes)
Hash
63b832f84f9d1597b5a74f389abff60f
ecec02bb00308dfacb81120bfb2a28280926a155
f44cbdd6870924cf39f27ff12eb903a0ca9208e4817a9433d983bb23e6edc072

HTTP Headers

GET /static/outofwindow3.desktop/img/arrow-right-circle.png HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/static/outofwindow3.desktop/css/style.min.css
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/png
Content-Length: 676
Last-Modified: Thu, 20 Apr 2023 13:22:48 GMT
Connection: keep-alive
ETag: "64413ca8-2a4"
Accept-Ranges: bytes

dmpprof.com/enr?href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D%26uid%3Dtemp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-

85.192.12.174

200 OK

2 B

URL POST HTTP/2
dmpprof.com/enr?href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D%26uid%3Dtemp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20-
IP
85.192.12.174:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectdmpprof.com
FingerprintC3:8C:83:41:0D:B5:16:30:83:92:56:99:D6:A2:27:C9:43:A8:14:D3
ValiditySat, 20 May 2023 05:41:58 GMT - Fri, 18 Aug 2023 05:41:57 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /enr?href=https%3A%2F%2Fnews-fun.com%2Fpreview%2Fnew%3Fd%3Dbest-viewer.ru%26sid6%3D%7Bcreative%7D%26sid7%3D%7Bsource%7D%26sid9%3Dpreview%26utm_campaign%3D59662%26utm_content%3D50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38%26utm_medium%3D11736%26utm_source%3D%7Bsubid%7D%26uid%3Dtemp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&title=%D0%9B%D0%B0%D0%B2%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BB%D0%B8%D1%81%D1%82%3A%207%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%2C%20%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D1%8E%D1%82%20- HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-fun.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 10
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Cookie: uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: text/plain; charset=utf-8
content-length: 2
set-cookie: enrich_data_v2_5=1685804441; expires=Sat, 17 Jun 2023 15:00:41 GMT; path=/; secure; SameSite=None
access-control-allow-origin: https://news-fun.com
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
X-Firefox-Spdy: h2

news-fun.com/api/get-n-item?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1

85.192.12.172

200 OK

2.3 kB

URL GET HTTP/1.1
news-fun.com/api/get-n-item?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (4510)
Size
2.3 kB (2327 bytes)
Hash
b119c1e64b78c1b0b93f6ace69a504b8
715e0bb8803090cb690f63c488bf29b1ce68a800
0962c1fd2afb956272cc28ae1d758113c5232ae2033723ed34d9bf02bd466ce7

HTTP Headers

GET /api/get-n-item?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1 HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:39:40 GMT
expires: Wed, 29 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
age: 321661
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

216.58.207.227

200 OK

9.8 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Size
9.8 kB (9840 bytes)
Hash
7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 07:39:04 GMT
expires: Sun, 02 Jun 2024 07:39:04 GMT
cache-control: public, max-age=31536000
age: 26497
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

dprof.site/matching/mapping?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a

85.192.12.174

200 OK

17 B

URL GET HTTP/2
dprof.site/matching/mapping?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
IP
85.192.12.174:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectdmpprof.com
FingerprintC3:8C:83:41:0D:B5:16:30:83:92:56:99:D6:A2:27:C9:43:A8:14:D3
ValiditySat, 20 May 2023 05:41:58 GMT - Fri, 18 Aug 2023 05:41:57 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
17 B (17 bytes)
Hash
5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

HTTP Headers

GET /matching/mapping?uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a HTTP/1.1
Host: dprof.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-fun.com/
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 03 Jun 2023 15:00:41 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: https://news-fun.com
set-cookie: uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; expires=Sat, 03 Jun 2023 17:00:41 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2

news-fun.com/api/get-items?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.5503582124277114&theme=outofwindow3&is_video=0&resolution_width=1280&resolution_height=1024&article=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38

85.192.12.172

200 OK

2.4 kB

URL GET HTTP/1.1
news-fun.com/api/get-items?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.5503582124277114&theme=outofwindow3&is_video=0&resolution_width=1280&resolution_height=1024&article=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (7519)
Size
2.4 kB (2386 bytes)
Hash
7399c5809bdc22de09aa7a41aaf9bd0c
c85790326dba4ccce6b4c664cb9f0e8b66587757
5e75db4ec49ed942265e7b38a1d89f96d3c44c71b2cbc138649c2bccfe93225d

HTTP Headers

GET /api/get-items?d=best-viewer.ru&sid6=%7Bcreative%7D&sid7=%7Bsource%7D&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source=%7Bsubid%7D&language=RU&blang=en-US&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&hash=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.5503582124277114&theme=outofwindow3&is_video=0&resolution_width=1280&resolution_height=1024&article=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38 HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Set-Cookie: templates_show_id=1; Path=/; Expires=Mon, 03 Jul 2023 15:00:41 GMT; Secure; SameSite=None
Content-Encoding: gzip

news-fun.com/images/news/rectangular/ef743b413858a40809129fffcc7fe5ae.jpg

92.38.192.253

200 OK

89 kB

URL GET HTTP/1.1
news-fun.com/images/news/rectangular/ef743b413858a40809129fffcc7fe5ae.jpg
IP
92.38.192.253:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Size
89 kB (88581 bytes)
Hash
2da92b10b9e9c5951ea43ef81bd306c8
05185d885cbae0926a6b4def66bbf907ae54eec1
c8cf323f90892c392df3165ab77c103f7d0cdeef1977e1f82ee545addbd6706e

HTTP Headers

GET /images/news/rectangular/ef743b413858a40809129fffcc7fe5ae.jpg HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/jpeg
Content-Length: 88581
Last-Modified: Mon, 15 Nov 2021 09:45:01 GMT
Connection: keep-alive
ETag: "61922c1d-15a05"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes

best-viewer.ru/image.gif?sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_source={subid}&utm_medium=11736&client_id=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&sid6={creative}&sid7={source}&category=0&resolution_width=1280&resolution_height=1024&connection_speed=

85.192.12.187

200 OK

43 B

URL GET HTTP/1.1
best-viewer.ru/image.gif?sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_source={subid}&utm_medium=11736&client_id=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&sid6={creative}&sid7={source}&category=0&resolution_width=1280&resolution_height=1024&connection_speed=
IP
85.192.12.187:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectbest-viewer.ru
Fingerprint80:2A:70:47:3B:EE:2B:71:69:3F:79:2F:EC:12:1B:56:96:F4:A1:2C
ValiditySun, 21 May 2023 06:05:48 GMT - Sat, 19 Aug 2023 06:05:47 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /image.gif?sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_source={subid}&utm_medium=11736&client_id=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a&sid6={creative}&sid7={source}&category=0&resolution_width=1280&resolution_height=1024&connection_speed= HTTP/1.1
Host: best-viewer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://news-fun.com
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Sat, 03 Jun 2023 15:00:41 GMT
Pragma: no-cache
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJGaXJlZm94IiwiYnYiOiIxMTEifSwibCI6eyJyIjoiIiwibiI6MjAwNDcsImlzcCI6IkJsaXggU29sdXRpb25zIn19; Path=/; Expires=Mon, 03 Jul 2023 15:00:41 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoidGVtcC05MS45MC40Mi4xNTQtNGNiNzI1NjYwYzQzMDMxZTNiMDZjNzU4OTJkOTZjNWEiLCJkX29mZnNldCI6LTF9; Path=/; Expires=Mon, 03 Jul 2023 15:00:41 GMT; Secure; SameSite=None
article=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38; Path=/; Expires=Mon, 03 Jul 2023 15:00:41 GMT; Secure; SameSite=None

news-fun.com/images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg

85.192.12.172

200 OK

32 kB

URL GET HTTP/1.1
news-fun.com/images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Size
32 kB (32415 bytes)
Hash
b5caf78e83b265f2cc1291ce033fcf8c
7a19d6c2ee676e353ecf5134ad6692104734a38c
23af3cab2aa895b0a895b78d35674e5c9ee1e60d2e87b8a72174271c8a58ac4f

HTTP Headers

GET /images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/jpeg
Content-Length: 32415
Last-Modified: Mon, 17 May 2021 09:39:45 GMT
Connection: keep-alive
ETag: "60a239e1-7e9f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes

news-fun.com/images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg

85.192.12.172

200 OK

53 kB

URL GET HTTP/1.1
news-fun.com/images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Size
53 kB (53021 bytes)
Hash
8b3afd19efb3a5c533104143dc4bfd2d
54047e59ac85fe49284b7a3ab112d9e38b2dd70e
8827e97c3acc5aa46e17afe33992ca6873a6a21c2ba4c9636df7b4ce9e99a2e6

HTTP Headers

GET /images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/jpeg
Content-Length: 53021
Last-Modified: Sun, 16 May 2021 15:16:35 GMT
Connection: keep-alive
ETag: "60a13753-cf1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes

news-fun.com/images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg

85.192.12.172

200 OK

64 kB

URL GET HTTP/1.1
news-fun.com/images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Size
64 kB (64249 bytes)
Hash
167456a0a70e6ba9ad8c2a4d97159c35
daab43afa39def914cfc353d5931bbf109314980
628680c65e853e7fc4490c6729618581308ecec8ae9da2273ad04e12afa5376c

HTTP Headers

GET /images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Jun 2023 15:00:41 GMT
Content-Type: image/jpeg
Content-Length: 64249
Last-Modified: Thu, 08 Apr 2021 12:50:28 GMT
Connection: keep-alive
ETag: "606efc14-faf9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes

news-fun.com/api/set-view

92.38.192.253

200 OK

54 B

URL POST HTTP/1.1
news-fun.com/api/set-view
IP
92.38.192.253:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectglobal-magazine.com
Fingerprint39:1E:EA:EE:D9:53:2E:CE:A1:3C:80:E4:CC:0C:B8:42:87:AE:B5:77
ValidityTue, 30 May 2023 12:44:18 GMT - Mon, 28 Aug 2023 12:44:17 GMT

File type
JSON data\012- , ASCII text
Size
54 B (54 bytes)
Hash
c01891a0ae732aee4b60969750b3ccf2
c72a105f2f7108e48e012dbd8e162e2056ad36b1
5d11a7da52bb89f362ad17ee9f250103db4e4f1eba2e7ac362e04e0a0438fcc1

HTTP Headers

POST /api/set-view HTTP/1.1
Host: news-fun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2010
Origin: https://news-fun.com
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}&uid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a
Cookie: quid=temp-91.90.42.154-4cb725660c43031e3b06c75892d96c5a; templates_show_id=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Sat, 03 Jun 2023 15:00:42 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip

tat3ayogh6.com/pixels/38a89e25.js

85.192.12.173

200 OK

145 kB

URL GET HTTP/2
tat3ayogh6.com/pixels/38a89e25.js
IP
85.192.12.173:443
ASN
#12695 LLC Digital Network

Requested by
https://news-fun.com/preview/new?d=best-viewer.ru&sid6={creative}&sid7={source}&sid9=preview&utm_campaign=59662&utm_content=50bcc5dc-fbbc-4d43-9d64-a557cfeb0c38&utm_medium=11736&utm_source={subid}
Certificate
IssuerLet's Encrypt
Subjectpwrlkyotm.com
Fingerprint58:7C:D2:DB:4F:B1:A4:43:45:85:97:8A:EA:F7:D4:5C:AA:8F:0E:54
ValidityFri, 05 May 2023 06:02:52 GMT - Thu, 03 Aug 2023 06:02:51 GMT

File type

Size
145 kB (144734 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixels/38a89e25.js HTTP/1.1
Host: tat3ayogh6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-fun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 03 Jun 2023 15:00:40 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-store
last-modified: Mon, 17 Apr 2023 08:43:01 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML