timebusinessnews.com Open in urlscan Pro
192.124.249.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
Submission: On May 13 via api (May 13th 2023, 3:14:22 pm UTC) from US — Scanned from US

Summary HTTP 263 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 41 domains to perform 263 HTTP transactions. The main IP is 192.124.249.3, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is timebusinessnews.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 11th 2023. Valid for: a year.

This is the only time timebusinessnews.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
55	192.124.249.3 192.124.249.3	30148 (SUCURI-SEC) (SUCURI-SEC)
2	172.217.13.168 172.217.13.168	15169 (GOOGLE) (GOOGLE)
6	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
10	172.217.13.138 172.217.13.138	15169 (GOOGLE) (GOOGLE)
23	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
3	139.162.141.183 139.162.141.183	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
7	5.45.70.122 5.45.70.122	58061 (SCALAXY-AS) (SCALAXY-AS)
12	172.217.13.142 172.217.13.142	15169 (GOOGLE) (GOOGLE)
1 1	15.235.14.140 15.235.14.140	16276 (OVH) (OVH)
1	158.69.60.171 158.69.60.171	16276 (OVH) (OVH)
7	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
19	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
5 30	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
1	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
1	44.226.104.41 44.226.104.41	16509 (AMAZON-02) (AMAZON-02)
2 44	172.217.13.193 172.217.13.193	15169 (GOOGLE) (GOOGLE)
12	172.217.13.195 172.217.13.195	15169 (GOOGLE) (GOOGLE)
8	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
1 5	172.217.13.196 172.217.13.196	15169 (GOOGLE) (GOOGLE)
2	142.250.74.3 142.250.74.3	15169 (GOOGLE) (GOOGLE)
1	74.125.172.202 74.125.172.202	15169 (GOOGLE) (GOOGLE)
4	172.217.13.174 172.217.13.174	15169 (GOOGLE) (GOOGLE)
2 4	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	2606:ae80:145... 2606:ae80:1451:11::2040	25751 (VALUECLICK) (VALUECLICK)
2 2	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
2 2	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	3.224.179.135 3.224.179.135	14618 (AMAZON-AES) (AMAZON-AES)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 4	23.192.30.145 23.192.30.145	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	74.121.140.211 74.121.140.211	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	34.236.164.132 34.236.164.132	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2 2	207.198.113.86 207.198.113.86	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.234.173.148 3.234.173.148	14618 (AMAZON-AES) (AMAZON-AES)
2 2	50.31.142.63 50.31.142.63	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
263	33

55 192.124.249.3 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10003.sucuri.net

timebusinessnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.162.141.183 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: de15.fcomet.com

bitcoinclevercanadareview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 5.45.70.122 (Netherlands)

ASN58061 (SCALAXY-AS, NL)

earnmoneycrypt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.14.140 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: dovh01.ca.zeno.fm

node-10.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.60.171 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ovh34.ca.zeno.fm

stream-034.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.41.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 172.217.13.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.226.104.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-104-41.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 172.217.13.193 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.3 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s21-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.172.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s41-in-f10.1e100.net

rr5---sn-ab5sznze.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.174 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f14.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:112:f002:bbbb::21 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:11::2040 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.98.69.175 (New York, United States) 2 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.135 (Amsterdam, Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.179.135 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-179-135.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.192.30.145 (Secaucus, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-30-145.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (Reston, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.164.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-164-132.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.40.39.223 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.86 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.173.148 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-173-148.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.63 (Itasca, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	895 KB
55	timebusinessnews.com timebusinessnews.com	6 MB
49	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	314 KB
32	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com csi.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com	687 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	9 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	420 KB
8	stripe.com checkout.stripe.com — Cisco Umbrella Rank: 9163 js.stripe.com — Cisco Umbrella Rank: 1202 q.stripe.com — Cisco Umbrella Rank: 7069 m.stripe.com — Cisco Umbrella Rank: 1158	132 KB
7	earnmoneycrypt.com earnmoneycrypt.com	696 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	4 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1347	1 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 949 r.turn.com — Cisco Umbrella Rank: 3697	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	22 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 4467	999 B
3	bitcoinclevercanadareview.com bitcoinclevercanadareview.com	254 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1106	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 562	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 2073	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 746	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 668	1 KB
2	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10383	626 B
2	mxptint.net 2 redirects aep.mxptint.net — Cisco Umbrella Rank: 6288	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3063	892 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1274	17 KB
2	zeno.fm 1 redirects node-10.zeno.fm stream-034.zeno.fm	170 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	125 KB
1	extend.tv 1 redirects sync.extend.tv — Cisco Umbrella Rank: 3027	611 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2107	173 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414	645 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1215	453 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7558	622 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 352	459 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 674	363 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4862	609 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 505	874 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3125	1 KB
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 6136	419 B
1	googlevideo.com rr5---sn-ab5sznze.googlevideo.com — Cisco Umbrella Rank: 24613
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1488	14 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	609 B
1	w.org s.w.org — Cisco Umbrella Rank: 2045	541 B
263	41

	Domain	Requested by
55	timebusinessnews.com	timebusinessnews.com
47	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
29	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
22	pagead2.googlesyndication.com	timebusinessnews.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net timebusinessnews.com
12	www.gstatic.com	googleads.g.doubleclick.net
10	fonts.googleapis.com	timebusinessnews.com googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
7	earnmoneycrypt.com	timebusinessnews.com
6	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	ssum-sec.casalemedia.com	4 redirects
4	sync.teads.tv	2 redirects
4	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	an.yandex.ru	2 redirects
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	q.stripe.com	timebusinessnews.com
3	js.stripe.com	timebusinessnews.com js.stripe.com
3	bitcoinclevercanadareview.com	timebusinessnews.com
2	rtb.mfadsrvr.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	s.uuidksinc.net	2 redirects
2	aep.mxptint.net	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.googletagmanager.com	timebusinessnews.com www.googletagmanager.com
1	sync.extend.tv	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	px.ads.linkedin.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	trace.mediago.io	1 redirects
1	ius.ctnsnet.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	fksnk.com	1 redirects
1	sync.mathtag.com	1 redirects
1	a.rfihub.com	1 redirects
1	cc.adingo.jp	1 redirects
1	rr5---sn-ab5sznze.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	m.stripe.com	m.stripe.network
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.w.org	timebusinessnews.com
1	stream-034.zeno.fm	timebusinessnews.com
1	node-10.zeno.fm	1 redirects
1	checkout.stripe.com	timebusinessnews.com
263	57

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
tracking.affid21221il.com
www.scxy7gm.com
ifgict.org
da.u7buy.com
play.google.com
apps.apple.com
zeno.fm
wallester.com
dnbc.tv
www.buytvinternetphone.com
www.ksf.space
www.ifgict.org
usattorneys.com
truck-accident.usattorneys.com
accident.usattorneys.com
www.tbusinessweek.com

Subject Issuer	Validity	Valid
timebusinessnews.com Go Daddy Secure Certificate Authority - G2	`2023-02-11` - `2024-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
bitcoinclevercanadareview.com cPanel, Inc. Certification Authority	`2023-03-31` - `2023-06-29`	3 months	crt.sh
earnmoneycrypt.com R3	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-05-02` - `2023-07-11`	2 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
Frame ID: CD8788C7A118FE4BE9AB6B9936758FFE
Requests: 100 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 3068BC31A612052BD61D78669526D57E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 35E62CAED931B84BB914D27584DBADC1
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CCB1C6D0742C5C7010FC331C0C3FBE58
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&adk=1812271804&adf=3025194257&lmt=1683888173&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990846052&bpp=34&bdt=1226&idt=234&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3500262067733&frm=20&pv=2&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=325
Frame ID: 931BBE35137CB0A51C4EA82B44EED451
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=997297033&adf=4244172154&pi=t.aa~a.3137240526~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1683888173&rafmt=1&to=qs&pwprc=7955184683&format=1200x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990846086&bpp=10&bdt=1260&idt=348&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zoNLj1TMBt&p=https%3A//timebusinessnews.com&dtd=357
Frame ID: B4F51BB8B0480AA178700A3A1F4A7373
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2731288662&pi=t.aa~a.3600466503~i.3~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=2&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eWtJfK1YQb&p=https%3A//timebusinessnews.com&dtd=62
Frame ID: CCFBCCC1629A4477C64EC73EA15A001F
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85
Frame ID: F50579CBC5A20C27B31AF92A3E189F22
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96
Frame ID: E25BB8789755090AADE7B883A439A956
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107
Frame ID: A4EB41D9CA2B0F15EA051B945BFD3EA8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2276A09796DD5819E586C92A908F0BA1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: EC708451D12A3DDDF4BCE56341143D25
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0E46B1A640471EB36016C43FF10EDA6A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: B6360C461F00B3A722B93316B20083CF
Requests: 8 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/5c132af01198b79277f9291767bd072e.js?tag=client_fast_engine_2019
Frame ID: 0A6F4511E8503DF43D4F5BFA65F13743
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 56BFDB029BD729124202F454A10B6EA4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 1F0884B6785A9C9EECAAEFBA0F7FD5D2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: D1218A54C1C1FF45B681B1A6A3A91BA7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 9BC15B39BE37E1C9C8E26FB440D28A92
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: F97047BF28E26B61BD14623C5949CF5B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 33472C02C7E80FBCF8754602C2AA6092
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CE42FFAFEAC4C0C50C8D4C69265AEB8E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 96B8FD174F1ABE6D6CC988C89CFFAB4B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1920C415DA88ABD2FA499D51F4FCD417
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80822A98A7D7125EAD49ADFED61091C2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 5BAF920E742359172CDD81BA150E79AA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 9C3974D359AA2F7A0C61B4AE807EEFB8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 8C0F6C151CD5BA2DB48303A8B4DAD54D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Frame ID: 14465C9A86A94644C9D28F5A54A3BA72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C615CDFF40FF10891C1AF4AC6B70CB38
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E359B270C28969174660051101DE20A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zara Larsson Bitcoin Code Erfaringer 2023 - svindel eller legitim?

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

263
Requests

89 %
HTTPS

16 %
IPv6

41
Domains

57
Subdomains

33
IPs

5
Countries

9051 kB
Transfer

21155 kB
Size

47
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TimeBusinessNews/

Search URL Search Domain Scan URL

URL: https://twitter.com/TimeBusinessNe1

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCsdwtYGt7HsEWOqsZU-y6bw

Search URL Search Domain Scan URL

URL: https://tracking.affid21221il.com/aff_c?offer_id=444&aff_id=33625&source=tim-panar

Search URL Search Domain Scan URL

URL: https://www.scxy7gm.com/6GRR7L/52TFBR/
Title: automatisk tradingprogram for kryptovaluta som heter Bitcoin Code

Search URL Search Domain Scan URL

URL: https://ifgict.org/
Title: IFGICT

Search URL Search Domain Scan URL

URL: https://da.u7buy.com/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.google.android.apps.magazines&hl=fr&gl=US
Title: For ANDROID

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/google-news/id459182288
Title: For IOS

Search URL Search Domain Scan URL

URL: https://zeno.fm/
Title: A Zeno.FM Station

Search URL Search Domain Scan URL

URL: https://wallester.com/
Title: wallester.com

Search URL Search Domain Scan URL

URL: https://dnbc.tv/info

Search URL Search Domain Scan URL

URL: https://www.buytvinternetphone.com/windstream/internet

Search URL Search Domain Scan URL

URL: https://www.ksf.space/

Search URL Search Domain Scan URL

URL: https://www.ifgict.org/

Search URL Search Domain Scan URL

URL: https://usattorneys.com/
Title: Attorneys

Search URL Search Domain Scan URL

URL: https://truck-accident.usattorneys.com/
Title: Truck Accident Lawyers

Search URL Search Domain Scan URL

URL: https://accident.usattorneys.com/
Title: Accident Attorneys

Search URL Search Domain Scan URL

URL: http://www.tbusinessweek.com/category/video-games/
Title: Video games

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://node-10.zeno.fm/8qmmx15z0heuv?rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ HTTP 302
https://stream-034.zeno.fm/8qmmx15z0heuv?zs=owZsQsxSSi-lTCrn1FQDYA&rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 182

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODE9ffygwEQsAkYsAkyCFJT4FVfc8KB HTTP 301
https://tpc.googlesyndication.com/simgad/18096425895053646920

Request Chain 223

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODE9ffygwEQsAkYsAkyCFJT4FVfc8KB HTTP 301
https://tpc.googlesyndication.com/simgad/18096425895053646920

Request Chain 236

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1&google_push=ATf1kGMC0W3DU3OXwnRIpH8F48e3gdnAJoXzxGGBIvznlLkCB7Xqc6acAwnjnJ7TrHSR7u-5mGdoD8yD1hgsWJvM3A_iK4Po-OOkiw4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIwMDMzOTQyODI1MTc4NjQ0MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1

Request Chain 237

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELEke_c84yaYKqhge4Q2Qfk&google_cver=1&google_push=ATf1kGNVvYtdfBKHztfTjzSu7IH0jqVAMhT-QdyIXoI6udNApQjpeVSmrr-7iku_7JKP63JQgqJzsQSuqVYlAbj1TcKSUC1HtX6mJi8 HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6d5335f06a052300&is_secure=true&networkId=14000&version=1&google_gid=CAESELEke_c84yaYKqhge4Q2Qfk&google_cver=1&google_push=ATf1kGNVvYtdfBKHztfTjzSu7IH0jqVAMhT-QdyIXoI6udNApQjpeVSmrr-7iku_7JKP63JQgqJzsQSuqVYlAbj1TcKSUC1HtX6mJi8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMsEVpNHKBRgMXc_Y-AAAAAAA&expiration=1684077251&google_cver=1&is_secure=true&google_gid=CAESELEke_c84yaYKqhge4Q2Qfk&google_push=ATf1kGNVvYtdfBKHztfTjzSu7IH0jqVAMhT-QdyIXoI6udNApQjpeVSmrr-7iku_7JKP63JQgqJzsQSuqVYlAbj1TcKSUC1HtX6mJi8

Request Chain 238

https://aep.mxptint.net/sn.ashx?google_gid=CAESEDhxPch29ZJDp5ZyUrxrFik&google_cver=1&google_push=ATf1kGNBS-yOrNU2vx_fi5u7TRHxYgCbg5aT_iQeP8wT9end0ly9rxM1aaKzTndu4x3El500DMhRrt6F7nyG8IwlEuYCvXjIJOS64MI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGNBS-yOrNU2vx_fi5u7TRHxYgCbg5aT_iQeP8wT9end0ly9rxM1aaKzTndu4x3El500DMhRrt6F7nyG8IwlEuYCvXjIJOS64MI&google_hm=UjMzNjQ2XzEwMjlDRTFGNl8yRjRBRTlCNQ%3D%3D

Request Chain 239

https://s.uuidksinc.net/match/47/?remote_uid=CAESECXriyf9acmQ29bl8BdPkFg&c_param1=ATf1kGOwq1FNhs8X0OTrZglcyNd-mjCJmbjRurv9la1EmZmRC9F9C9YWnT_G5yb2HEIcZSh2U6VqiPg8slp00xnSBel2LR6kZ93xZA&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGOwq1FNhs8X0OTrZglcyNd-mjCJmbjRurv9la1EmZmRC9F9C9YWnT_G5yb2HEIcZSh2U6VqiPg8slp00xnSBel2LR6kZ93xZA

Request Chain 240

https://cc.adingo.jp/adx/push/?google_gid=CAESELg1HF8xFzLDBPr7GD369k4&google_cver=1&google_push=ATf1kGPQ2Dlk66kFwajo6DDHTlxgthJeF3tClDhssW6WZTyZKFU1XQyy8rLpcyoEczAdNiuQFrxCE9iFvcWYkGjE7aI4pAY1pS0RPnk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGPQ2Dlk66kFwajo6DDHTlxgthJeF3tClDhssW6WZTyZKFU1XQyy8rLpcyoEczAdNiuQFrxCE9iFvcWYkGjE7aI4pAY1pS0RPnk&google_hm=bc616292a1a6e6c4a3aefdcccdbbc5e7

Request Chain 241

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEKEYemP8zVrbxDqVmVq0CZI&google_cver=1&google_push=ATf1kGMFDi4HQ1sUjynigQT_hc6USgIQ7wJotyx_dTCmviT0LC0A4pipyWFDW7RmooEW7Q6YRPn1rbsjcGPT7DlUBg8K6GXEvvi7svc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGMFDi4HQ1sUjynigQT_hc6USgIQ7wJotyx_dTCmviT0LC0A4pipyWFDW7RmooEW7Q6YRPn1rbsjcGPT7DlUBg8K6GXEvvi7svc&google_hm=ODE5MjAwNTAyMTE5Njc3OTQxMA==

Request Chain 242

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOxVvdf2iOq82Pxrn3YxXDU&google_cver=1&google_push=ATf1kGOXaGuJ-wAKfb0fFKUNQwkZRkNoauWlHuzG8DsXE7mzlWqeV5jyZUVxurMOvNNu7dw37vMBI9vPVPipO_Hj9wswkha3K35Jo0Ck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NjRmZTk1YTUtOTdkOS00MzA2LTllODMtNjA4ZDJiZmQ1ZWNm&google_push=ATf1kGOXaGuJ-wAKfb0fFKUNQwkZRkNoauWlHuzG8DsXE7mzlWqeV5jyZUVxurMOvNNu7dw37vMBI9vPVPipO_Hj9wswkha3K35Jo0Ck HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 244

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL6p7lBnv-ioPUfhWKBM7bQ&google_cver=1&google_push=ATf1kGMDVrn5laXQkSVvQTPaM0szTzVaNioBnkU29O-jFNJCZGE75pAVaisiC4jW74TQyDTb5u46bbF79T_JsP5qrVHrb4swnlTWzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMDVrn5laXQkSVvQTPaM0szTzVaNioBnkU29O-jFNJCZGE75pAVaisiC4jW74TQyDTb5u46bbF79T_JsP5qrVHrb4swnlTWzw

Request Chain 245

https://fksnk.com/cs/google?google_gid=CAESEK_1Gu_kQuZp30OKWBLNsCY&google_cver=1&google_push=ATf1kGMiYMPL42SsYnibnAcJxHe_5P-p2y3Z-yz5Hq6MzCDdBe_s4wzm2t_-dV-wgMXhXChlo1_4N5w02XRpES41q4s2Oma9EzPo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REJGM0MxNjY2NjFGQ0NFMg==

Request Chain 247

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIm9Lpk7339VdeQj7i2NbiA&google_cver=1&google_push=ATf1kGO4puVA-zioPnXOmddBPNtYKS9oomVsYZ4S_fhL6W82kuG856YGNxWQca_ZnxGBOpGKznYW6ZpR7y7REu2GeqVaz5ALOKkmcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhNNE84UUwtQi1LVlQx&google_push=ATf1kGO4puVA-zioPnXOmddBPNtYKS9oomVsYZ4S_fhL6W82kuG856YGNxWQca_ZnxGBOpGKznYW6ZpR7y7REu2GeqVaz5ALOKkmcw

Request Chain 248

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_cver=1&google_push=ATf1kGO5BWE9LsvdgCqpjD3F59UjIpsaCZlzaYnyiAyHyn2pta_QzfCMZtGTEX5fRgjGfFwAnf0rYBeDNmMQuYQNbhpkTxIwePwJiQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_push=ATf1kGO5BWE9LsvdgCqpjD3F59UjIpsaCZlzaYnyiAyHyn2pta_QzfCMZtGTEX5fRgjGfFwAnf0rYBeDNmMQuYQNbhpkTxIwePwJiQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_hm=ZF-pQm3cLI4nbNNJbQVZvAAADc4AAAIB&google_nid=index&google_push=ATf1kGO5BWE9LsvdgCqpjD3F59UjIpsaCZlzaYnyiAyHyn2pta_QzfCMZtGTEX5fRgjGfFwAnf0rYBeDNmMQuYQNbhpkTxIwePwJiQ

Request Chain 249

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELxokedZQ779BgMtQk8Pkfg&google_cver=1&google_push=ATf1kGMJfIU6n44s_-mtBa1lxIm9El4O4GjxztoN_9U6k9lKBdn1DjCBy2WPSRWO4oF9lf57Y7MlJX2M91HybRvlRf4ixddt7S67ryU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGMJfIU6n44s_-mtBa1lxIm9El4O4GjxztoN_9U6k9lKBdn1DjCBy2WPSRWO4oF9lf57Y7MlJX2M91HybRvlRf4ixddt7S67ryU&google_hm=OJVlIQ1wRZ-J_wm1oPciaoU

Request Chain 250

https://trace.mediago.io/cs/google?google_gid=CAESEKe_7quhQPnLwbBrXu2F5-4&google_cver=1&google_push=ATf1kGMo8lrQugUrZVA43EdOmnzj2HwUlla4Q8sT7TajdWE9w9dFaZnp_rxS_hdJHOeCWwd9QBHgqHRCPsq23meWeqxJmSTB088Qjw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMo8lrQugUrZVA43EdOmnzj2HwUlla4Q8sT7TajdWE9w9dFaZnp_rxS_hdJHOeCWwd9QBHgqHRCPsq23meWeqxJmSTB088Qjw&google_hm=4cb73c118a3d6c463ff1325ed5586dc9

Request Chain 252

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1&google_push=ATf1kGOnhiNGVPvqEj4x0hg2j5HdjWhTOLz4KmNvIC15y1AMPEPymzOfK-WFfFHOYFgYobbgUWOKT7aprM49oM-_ArIJFqEhPdD1d-ebscPrjhnYcHCJIfggsuJaOEsWokQkGevsE_26VbYf0x60wxS9vRXtsss HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDEyODI4MTgzNDIxMzg1ODUwNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1

Request Chain 253

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMOzreMsE5usiZiDlFrd4QE&google_cver=1&google_push=ATf1kGNiEGj44cqaeuGTk-_f7f2rdMQcI1nBSXrSYimB48Zbzt7FBwYL9-N0sqS8SpDjX2T1OhzUosk3oPvSKoZtFj3FW5nt_dB3C2d8AYmTVu1ccPk9G4o7UAnms945aDvqFI7zkybQxbD310ozY41U-9dkIEc HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEMOzreMsE5usiZiDlFrd4QE&google_cver=1&google_push=ATf1kGNiEGj44cqaeuGTk-_f7f2rdMQcI1nBSXrSYimB48Zbzt7FBwYL9-N0sqS8SpDjX2T1OhzUosk3oPvSKoZtFj3FW5nt_dB3C2d8AYmTVu1ccPk9G4o7UAnms945aDvqFI7zkybQxbD310ozY41U-9dkIEc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=vjVsOd24Q9KGENoNSkJ4GmRfqUI

Request Chain 254

https://s.uuidksinc.net/match/47/?remote_uid=CAESECXriyf9acmQ29bl8BdPkFg&c_param1=ATf1kGMm16yT-41SiShYhgSyV968hQVgho0EKUXqlzEWWRQej4FigxTXOY-a7OahpQAgwrdKeNt8pZj4GWt-bzHYid-JkIKgNjBFVlNag9lGuL6ge8SBMUTgewdrRxW938w1GzkuINoY9UKJKROjulDkJvpE308&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMm16yT-41SiShYhgSyV968hQVgho0EKUXqlzEWWRQej4FigxTXOY-a7OahpQAgwrdKeNt8pZj4GWt-bzHYid-JkIKgNjBFVlNag9lGuL6ge8SBMUTgewdrRxW938w1GzkuINoY9UKJKROjulDkJvpE308

Request Chain 255

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJOmlg1D4XsMdkweGyqbp7A&google_cver=1&google_push=ATf1kGOpSAuNwQI8SzQbGqyB8foh6nMyWcbJ_X_a4pVh6CyjgPKLnnM5L6L5o6KKQjcum6khO8DaO6XTGCT80Km5RjlDd-lUgZmRMZdY_T1rPRtacgseAEoAn3rFNIv23K6Wb7yqFf8yN1pSsFeqdo6zX5ewcXY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJOmlg1D4XsMdkweGyqbp7A&google_cver=1&google_push=ATf1kGOpSAuNwQI8SzQbGqyB8foh6nMyWcbJ_X_a4pVh6CyjgPKLnnM5L6L5o6KKQjcum6khO8DaO6XTGCT80Km5RjlDd-lUgZmRMZdY_T1rPRtacgseAEoAn3rFNIv23K6Wb7yqFf8yN1pSsFeqdo6zX5ewcXY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OgSLlChVR0aRb5ekvEoNDQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOpSAuNwQI8SzQbGqyB8foh6nMyWcbJ_X_a4pVh6CyjgPKLnnM5L6L5o6KKQjcum6khO8DaO6XTGCT80Km5RjlDd-lUgZmRMZdY_T1rPRtacgseAEoAn3rFNIv23K6Wb7yqFf8yN1pSsFeqdo6zX5ewcXY

Request Chain 256

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_cver=1&google_push=ATf1kGOTumYHnCwKIgdWlW14oWoMBwvfwWwwvJEKRFvo7UTgojA34geFiAdBBG9FcVo-8B6G6njzquyejzspktsv3JE1B4t0nQQ3vb_-YlqPROJKna8u1_Oo_ovslzbV7icbQ0RGY6IH-We5UZ4FgipWMp_zs98 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_push=ATf1kGOTumYHnCwKIgdWlW14oWoMBwvfwWwwvJEKRFvo7UTgojA34geFiAdBBG9FcVo-8B6G6njzquyejzspktsv3JE1B4t0nQQ3vb_-YlqPROJKna8u1_Oo_ovslzbV7icbQ0RGY6IH-We5UZ4FgipWMp_zs98&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_hm=ZF-pQm3cLI4nbNNJbQVZvAAADc4AAAIB&google_nid=index&google_push=ATf1kGOTumYHnCwKIgdWlW14oWoMBwvfwWwwvJEKRFvo7UTgojA34geFiAdBBG9FcVo-8B6G6njzquyejzspktsv3JE1B4t0nQQ3vb_-YlqPROJKna8u1_Oo_ovslzbV7icbQ0RGY6IH-We5UZ4FgipWMp_zs98

Request Chain 257

https://an.yandex.ru/mapuid/google/CAESEGNr8mshIbx6pafa1jomPb0?ext-param=ATf1kGPF8XroXJzVspea0BJJkb1P7PiWYbEsFWdLue7qKy5y6-FZfSFijj5HtPvlgykkTeMvbQGhjCkk9_h-nnkNPNbxiu_601vnS1bRWVKBaZcd5bgaZvxo9vE-vBdw4259Gwo9EWPtxg0iziIJYqEBOarkFbX4&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEGNr8mshIbx6pafa1jomPb0?redir-setuniq=1&ext-param=ATf1kGPF8XroXJzVspea0BJJkb1P7PiWYbEsFWdLue7qKy5y6-FZfSFijj5HtPvlgykkTeMvbQGhjCkk9_h-nnkNPNbxiu_601vnS1bRWVKBaZcd5bgaZvxo9vE-vBdw4259Gwo9EWPtxg0iziIJYqEBOarkFbX4&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGNr8mshIbx6pafa1jomPb0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 258

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOxVvdf2iOq82Pxrn3YxXDU&google_cver=1&google_push=ATf1kGNNIeLdwzppQvBcZP0b_4wev2kRRvxxMSx_69y0ZuuUkc3wktqNqNpSpjZ8PH6VyKd7IeqlUKoUfyK1AqUNTmITtmIPsaNKwd6DT_gIdFpZxkdZcArFUOdO4yyO1jqg5pa3vezr37DKwfRd-dDwjs1Eq6ck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjQwNGU5ZmItOTBmNC00MzhmLWI1NTAtZmE2ODU1NmI1NDY5&google_push=ATf1kGNNIeLdwzppQvBcZP0b_4wev2kRRvxxMSx_69y0ZuuUkc3wktqNqNpSpjZ8PH6VyKd7IeqlUKoUfyK1AqUNTmITtmIPsaNKwd6DT_gIdFpZxkdZcArFUOdO4yyO1jqg5pa3vezr37DKwfRd-dDwjs1Eq6ck HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 263

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIoYo_uaXpAMCZ8b9hKmPOo&google_cver=1&google_push=ATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2mw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2mw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIoYo_uaXpAMCZ8b9hKmPOo&google_cver=1&google_push=ATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2mw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2mw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 264

https://aep.mxptint.net/sn.ashx?google_gid=CAESEDhxPch29ZJDp5ZyUrxrFik&google_cver=1&google_push=ATf1kGPghvIxxpUx6n57cqg-K1utHkyOQpQAxPM8zdwW7JUqj4V7sXcrsPr_B-X80Qcbxe5GF2lDs8Hl_zgTNsko19_fzBaJufs7yw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGPghvIxxpUx6n57cqg-K1utHkyOQpQAxPM8zdwW7JUqj4V7sXcrsPr_B-X80Qcbxe5GF2lDs8Hl_zgTNsko19_fzBaJufs7yw&google_hm=UjMzNjQ1XzEwMjlDRTFGNV8yRjFDNzA5NA%3D%3D

Request Chain 265

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPF1-Fpqe1ZrkdGagPp4FbM&google_cver=1&google_push=ATf1kGN7vyW4MJTH2eq7vge_WIZnbxboYg32P77YsvFc8F_kVPTjXe80T1K85lPHgLUxSfz857zzRPofIKyZitmiGmf-vhSynjP38eY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGN7vyW4MJTH2eq7vge_WIZnbxboYg32P77YsvFc8F_kVPTjXe80T1K85lPHgLUxSfz857zzRPofIKyZitmiGmf-vhSynjP38eY

Request Chain 267

https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEFu2c6gvMOKKXwsbNDikSDM&google_cver=1&google_push=ATf1kGOj3TU9vvsCat2R_6FbN_taOW_tklwNhBdFIIfqz6i3tUVtNifizbsWfqLgTvKf7-cIxnU7C81zUc4iXl8dsB9ZH5Ui--yQhLU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=ATf1kGOj3TU9vvsCat2R_6FbN_taOW_tklwNhBdFIIfqz6i3tUVtNifizbsWfqLgTvKf7-cIxnU7C81zUc4iXl8dsB9ZH5Ui--yQhLU

Request Chain 268

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDyLXSWO4H98D1q8rni4ONQ&google_cver=1&google_push=ATf1kGMslG2fLyNc98ZB04972ktFOXf0bM4-ZvaWS_IOIokfzKtUloznAQ-SDZ3BSKpLYjgjRT3jet3IU-vl_RX4iQKUzPbw_eHleUQ HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDyLXSWO4H98D1q8rni4ONQ&google_push=ATf1kGMslG2fLyNc98ZB04972ktFOXf0bM4-ZvaWS_IOIokfzKtUloznAQ-SDZ3BSKpLYjgjRT3jet3IU-vl_RX4iQKUzPbw_eHleUQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMslG2fLyNc98ZB04972ktFOXf0bM4-ZvaWS_IOIokfzKtUloznAQ-SDZ3BSKpLYjgjRT3jet3IU-vl_RX4iQKUzPbw_eHleUQ&google_hm=dmZfQ3pTVE4xTkoxMmJCYVJqbF8=

Request Chain 269

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEBpe6sphWILyuYb6cNhi2Bk&google_cver=1&google_push=ATf1kGMemBNNT1wQoHdBKhD2VzDEErTi--3HW0EtYPW8Z2q1nSYPs0hSE0oWl5vFC6ElJMtfnCrD3Hxyn6Ii99fdaudVZTZk5n0xxbyi HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEBpe6sphWILyuYb6cNhi2Bk&google_cver=1&google_push=ATf1kGMemBNNT1wQoHdBKhD2VzDEErTi--3HW0EtYPW8Z2q1nSYPs0hSE0oWl5vFC6ElJMtfnCrD3Hxyn6Ii99fdaudVZTZk5n0xxbyi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=BkB6_zb5TNu2If4y5APjHQ==&no_redirect=1&google_push=ATf1kGMemBNNT1wQoHdBKhD2VzDEErTi--3HW0EtYPW8Z2q1nSYPs0hSE0oWl5vFC6ElJMtfnCrD3Hxyn6Ii99fdaudVZTZk5n0xxbyi

263 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/ 112 KB
29 KB 408ms
371ms Document
text/html 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

f0f10cb741c780aebe10eca58f71105bbfdd1e0d67e4efa9947cc239ae4cfa16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Sat, 13 May 2023 15:14:04 GMT
last-modified: Fri, 12 May 2023 10:42:53 GMT
server: nginx
wpo-cache-status: cached
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 14003
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 426ms
44ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-181915405-1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1f217827bc4ca35bbd1249218ca6abc882584dddfaf75b02480968c1fa71cff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 15:14:05 GMT

GET
H2 200 style.css
timebusinessnews.com/wp-includes/css/dist/block-library/ 108 KB
108 KB 10ms
9ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/css/dist/block-library/style.css?ver=6.1.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

b0d6e71e48de130e4b0a7e54ddaee478df73dce7ace894f8e5525ce85d2fcdfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 110285
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.css
timebusinessnews.com/wp-content/plugins/contact-widgets/assets/css/ 37 KB
37 KB 29ms
28ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/contact-widgets/assets/css/font-awesome.css?ver=4.7.0

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 08:06:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 37414
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.css
timebusinessnews.com/wp-includes/css/ 638 B
946 B 29ms
28ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/css/classic-themes.css?ver=1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

c2e0faa0bc554b9a86d51ec14488bef748c400cfc8f61e57b3d2e4688f11f983

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 638
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twemoji.js Show response
timebusinessnews.com/wp-includes/js/ 32 KB
32 KB 10ms
10ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/twemoji.js?ver=6.1.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

f1f9eda417444f06ef060dd832d8821c84f081a98cdf62acfe981f5554c894dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 32400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji.js Show response
timebusinessnews.com/wp-includes/js/ 9 KB
9 KB 9ms
9ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/wp-emoji.js?ver=6.1.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 8989
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.css
timebusinessnews.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 1 KB
2 KB 16ms
8ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=3.1.2

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 13:27:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 1425
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recent-post-style.css
timebusinessnews.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 12 KB
12 KB 16ms
8ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=3.1.2

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

906a1c7b899193c5ff4f6a373f6584155142dcaaaf3d7d2c2c71bd3cd02a8b42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 13:27:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 12276
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 button.css
checkout.stripe.com/v3/checkout/ 4 KB
1 KB 63ms
11ms Stylesheet
text/css 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/v3/checkout/button.css

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 15:14:04 GMT
via: 1.1 varnish
age: 38
x-cache: HIT
content-length: 724
x-request-id: 330de108-bd6a-475e-8ea6-c23e83c44dbf
x-served-by: cache-lga21927-LGA
last-modified: Thu, 13 Jan 2022 22:41:56 GMT
server: Fastly
x-timer: S1683990845.974358,VS0,VE1
etag: "aa9c16d967e4074a065955880128c839"
vary: Accept-Encoding, Origin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=60
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 simpay-public.min.css
timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/core/assets/css/ 7 KB
7 KB 17ms
9ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/core/assets/css/simpay-public.min.css?ver=4.7.4

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

fa7b804475d037bb16a2a4309729a3c30fa056730818284e133bcdf7654ff4b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 12:00:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 7311
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simpay-public-pro.min.css
timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/pro/assets/css/ 37 KB
38 KB 17ms
10ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/pro/assets/css/simpay-public-pro.min.css?ver=4.7.4

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

aecfb2458caca6aa9b0e1dab3eab42d1e92643bc856497af633dd370651949ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 12:00:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 38356
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 general.css
timebusinessnews.com/wp-content/plugins/live-news/public/assets/css/ 5 KB
6 KB 20ms
12ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/live-news/public/assets/css/general.css?ver=2.09

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

1a9ed50d9775025a3cf6ed71efefc6ddabadd41252352c5bf88a1888b803cb05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 08:06:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 5461
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
timebusinessnews.com/wp-content/themes/colormag/ 78 KB
79 KB 20ms
13ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/style.css?ver=6.1.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

12c07c825a015b802414575bad03c82ead3dd7eccf98d10d529a5493b569c21b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 80280
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
timebusinessnews.com/wp-content/themes/colormag-child02/ 976 B
1 KB 27ms
20ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag-child02/style.css?ver=2.0.1.1631195291

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

f893d0b012eb8213fb5c54ef29d8f6f5fdde8bfc49d8155f07660c50f6ddb507

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 13:48:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 976
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.css
timebusinessnews.com/wp-content/themes/colormag/js/magnific-popup/ 7 KB
7 KB 27ms
21ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/js/magnific-popup/magnific-popup.css?ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

1155981e8193622f58553eed0bba2fa43512af362a3d54dedef64c46970bb371

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 7302
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.css
timebusinessnews.com/wp-content/themes/colormag/fontawesome/css/ 39 KB
39 KB 28ms
21ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/fontawesome/css/font-awesome.css?ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 39751
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ctc-style.css
timebusinessnews.com/wp-content/themes/colormag-child02/ 60 B
367 B 31ms
25ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag-child02/ctc-style.css?ver=2.0.1.1631195291

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

cc9c7b14fe952d6377ff29fb3c1e11624e1528af914793a248b5ccabbb06e7ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 13:48:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 60
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 405ms
33ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

1effdafaa2ff6aee903b0691f9202aed909b2dca695867c551cb486be70984c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:38:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:05 GMT

GET
H2 200 style.css
timebusinessnews.com/wp-content/plugins/contact-widgets/assets/css/ 1 KB
2 KB 32ms
26ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/contact-widgets/assets/css/style.css?ver=1.0.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

3c4ded5da410516963ce4abaf335f688fa257f1ff93c9ecf034fc715c4f1fb96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 08:06:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 1369
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
timebusinessnews.com/wp-content/plugins/newsletter/ 6 KB
6 KB 32ms
27ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/newsletter/style.css?ver=7.6.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:56:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 6282
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-paginate.css
timebusinessnews.com/wp-content/plugins/wp-paginate/css/ 3 KB
3 KB 33ms
28ms Stylesheet
text/css 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/wp-paginate/css/wp-paginate.css?ver=2.2.0

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

e379a211e75642755c7b975859d84ebf76697490618e8a6127a41036ef82f2df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 13:27:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 2730
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-gtag.js Show response
timebusinessnews.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 30 KB
30 KB 34ms
29ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=1683888171

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

357201dedf46672163a0b8694cb297c5351c6d25402c76b625b3c9ae7305b0e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sun, 29 Jan 2023 04:41:49 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 30883
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
timebusinessnews.com/wp-includes/js/jquery/ 283 KB
284 KB 36ms
32ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/jquery/jquery.js?ver=3.6.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

f3e547dd68cdf81e0eee07f2cd672da320942336f3db781d19c134220125ab6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 289832
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.js Show response
timebusinessnews.com/wp-includes/js/jquery/ 25 KB
25 KB 48ms
44ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 25300
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 general.js Show response
timebusinessnews.com/wp-content/plugins/live-news/public/assets/js/ 14 KB
15 KB 49ms
46ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/live-news/public/assets/js/general.js?ver=2.09

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

cc6d6250835c3d26e7301d608ea746588342bcb4e3b1132ea55cceed814200b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 08:06:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 14674
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 momentjs.js Show response
timebusinessnews.com/wp-content/plugins/live-news/public/assets/js/momentjs/ 132 KB
133 KB 50ms
47ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/live-news/public/assets/js/momentjs/momentjs.js?ver=2.09

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

072f0c64dae4905a6519fee8e36fd72519c17367346bc565d240f37a9599cee7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 08:06:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 135414
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
818 B 423ms
54ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:32:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 437ms
81ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

785e5efd4b9a9588e431b12b550d2f06fcf44649a0da1df8e15f1ef90e7a5cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47896
x-xss-protection: 0
server: cafe
etag: 10255610464695211419
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:05 GMT

GET
H2 200 time-business-news-title.jpg
timebusinessnews.com/wp-content/uploads/2018/03/ 24 KB
24 KB 41ms
33ms Image
image/jpeg 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/2018/03/time-business-news-title.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

534705c44bfef366cfe7658ad162477ab0a566f481bd19a5c42df5f9ed2ef587

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 08:06:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 24539
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 415 2R-300x149.png
bitcoinclevercanadareview.com/wp-content/uploads/2023/02/ 1 B
84 B 394ms
89ms Image
image/png 139.162.141.183
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinclevercanadareview.com/wp-content/uploads/2023/02/2R-300x149.png
Requested by: Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.141.183 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: de15.fcomet.com
Software: imunify360-webshield/1.18 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/png
date: Sat, 13 May 2023 15:14:05 GMT
server: imunify360-webshield/1.18

GET
H2 415 1Y-300x300.webp
bitcoinclevercanadareview.com/wp-content/uploads/2023/02/ 1 B
85 B 974ms
103ms Image
image/webp 139.162.141.183
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinclevercanadareview.com/wp-content/uploads/2023/02/1Y-300x300.webp
Requested by: Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.141.183 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: de15.fcomet.com
Software: imunify360-webshield/1.18 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/webp
date: Sat, 13 May 2023 15:14:06 GMT
server: imunify360-webshield/1.18

GET
H2 415 dollars-300x225.jpg
bitcoinclevercanadareview.com/wp-content/uploads/2022/10/ 1 B
85 B 656ms
87ms Image
image/jpeg 139.162.141.183
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinclevercanadareview.com/wp-content/uploads/2022/10/dollars-300x225.jpg
Requested by: Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.141.183 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: de15.fcomet.com
Software: imunify360-webshield/1.18 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/jpeg
date: Sat, 13 May 2023 15:14:05 GMT
server: imunify360-webshield/1.18

GET
H2 200 muskbranson.jpg
earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/ 160 KB
160 KB 478ms
259ms Image
image/jpeg 5.45.70.122
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/muskbranson.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.45.70.122 , Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:33:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 01 Jun 2021 13:25:08 GMT
server: nginx
etag: "60b63534-27ea3"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163491
expires: Mon, 12 Jun 2023 14:33:04 GMT

GET
H2 200 dreamcar.jpg
earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/ 160 KB
160 KB 806ms
586ms Image
image/jpeg 5.45.70.122
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/dreamcar.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.45.70.122 , Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:33:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 01 Jun 2021 13:25:08 GMT
server: nginx
etag: "60b63534-27eee"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163566
expires: Mon, 12 Jun 2023 14:33:04 GMT

GET
H2 200 scandi-family.jpg
earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/ 69 KB
69 KB 809ms
590ms Image
image/jpeg 5.45.70.122
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/scandi-family.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.45.70.122 , Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

89de577de8f862e95a454c41ac90d87fbe4cec0d1a904cbdae70c2f5c0a4d430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:33:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 01 Jun 2021 13:25:10 GMT
server: nginx
etag: "60b63536-114d8"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 70872
expires: Mon, 12 Jun 2023 14:33:04 GMT

GET
H2 200 cheque.jpg
earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/ 116 KB
116 KB 806ms
587ms Image
image/jpeg 5.45.70.122
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/cheque.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.45.70.122 , Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

efc089495e9aa5afd8cf9ae12fe7c9af5524e8eb422de89b2d65d9736e79a899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:33:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 01 Jun 2021 13:25:07 GMT
server: nginx
etag: "60b63533-1cfab"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 118699
expires: Mon, 12 Jun 2023 14:33:04 GMT

GET
H2 200 step1-NO.jpg
earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/ 38 KB
39 KB 805ms
587ms Image
image/jpeg 5.45.70.122
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/step1-NO.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.45.70.122 , Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

3023c1c85c9215334a37d941fbea1e8bf0ad7df61d126cc3d8654ee7854d0e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:33:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 01 Jun 2021 13:25:11 GMT
server: nginx
etag: "60b63537-9911"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 39185
expires: Mon, 12 Jun 2023 14:33:04 GMT

GET
H2 200 step2-NO.jpg
earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/ 110 KB
110 KB 417ms
417ms Image
image/jpeg 5.45.70.122
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/step2-NO.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.45.70.122 , Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

018a0e998aad724f04245028a7e006e29c2173d747de8690e7a4a301955788a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:33:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 01 Jun 2021 13:25:12 GMT
server: nginx
etag: "60b63538-1b80f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 112655
expires: Mon, 12 Jun 2023 14:33:04 GMT

GET
H2 200 step3-NO.jpg
earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/ 41 KB
41 KB 430ms
429ms Image
image/jpeg 5.45.70.122
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://earnmoneycrypt.com/clickstar/bitcoin-era/no1/index_files/step3-NO.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.45.70.122 , Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

b97fd73ecd088bde212a037256d64a8f7244d7705bb4fb9b32cc7b8fcd465b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:33:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 01 Jun 2021 13:25:12 GMT
server: nginx
etag: "60b63538-a35a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 41818
expires: Mon, 12 Jun 2023 14:33:04 GMT

GET
H2 200 fifa-coin.jpg
timebusinessnews.com/wp-content/uploads/ 76 KB
76 KB 39ms
34ms Image
image/jpeg 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/fifa-coin.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

9f287d9d28191831f64d8307cd35b4a1ebea93594fd09400cff939a0e4738979

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 15:38:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 77328
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 phone-png.png
timebusinessnews.com/wp-content/uploads/ 200 KB
201 KB 56ms
51ms Image
image/png 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/phone-png.png

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

41b89a54fdc2876c7f8cf54dadbf1550f9f551c8b0af069fbd91a6ee129f0329

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 15:44:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 205039
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DNBC_ad_TBN-1.jpg
timebusinessnews.com/wp-content/uploads/ 37 KB
37 KB 67ms
63ms Image
image/jpeg 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/DNBC_ad_TBN-1.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

4dea1b53bf41f4c95852328762f93092299bbe2eb345d2d93e12433ac201809f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sun, 03 Oct 2021 18:43:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 37849
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 timebusinessnews-4.jpg
timebusinessnews.com/wp-content/uploads/ 78 KB
78 KB 74ms
69ms Image
image/jpeg 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/timebusinessnews-4.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

42db9d0583bf3c857f44efa6b97c40114594ddd6f036fc582fd2910c704412f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 27 Feb 2023 11:59:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 79775
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advertise-here.png
timebusinessnews.com/wp-content/uploads/ 226 KB
227 KB 77ms
73ms Image
image/png 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/advertise-here.png

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

3e17cc727628b9dac5551175ab0d1ee073be7000f44792ed5987c0e06a56d83e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 06 Nov 2020 06:25:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 231431
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ifgict-banner.png
timebusinessnews.com/wp-content/uploads/ 437 KB
438 KB 87ms
83ms Image
image/png 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/ifgict-banner.png

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

319f4bf962a67269c510dda875088e081b63f5bec15049c2c545e9e9fe49c87b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 21:12:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 447452
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 471 KB
127 KB 38ms
3ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0004a68f02d2b5c9f0d71d2e7e1be0c097a6ee4b3124a9af82a287f4252a3a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 May 2023 15:14:05 GMT
via: 1.1 varnish
age: 12
x-cache: HIT
content-length: 129625
x-request-id: 8257070d-7583-4e8f-8b8d-5771e8f1d9a8
x-served-by: cache-lga21927-LGA
last-modified: Fri, 12 May 2023 20:34:28 GMT
server: Fastly
etag: "46fee595e76829378601536997163fec"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 accounting.min.js Show response
timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/core/assets/js/vendor/ 3 KB
3 KB 17ms
7ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/core/assets/js/vendor/accounting.min.js?ver=4.7.4

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 12:00:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 3151
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 regenerator-runtime.js Show response
timebusinessnews.com/wp-includes/js/dist/vendor/ 24 KB
25 KB 21ms
10ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/dist/vendor/regenerator-runtime.js?ver=0.13.9

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

7206cf318a71ac0cd59d710fd6318de5bb647e95a1d6dada870eded122b1f0e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 24843
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill.js Show response
timebusinessnews.com/wp-includes/js/dist/vendor/ 60 KB
60 KB 22ms
11ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/dist/vendor/wp-polyfill.js?ver=3.15.0

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

9edccb39ba9e6d436e7a752b2be90ead4faa245c199a46ab4c49fcfc56e05419

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 61498
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dom-ready.js Show response
timebusinessnews.com/wp-includes/js/dist/ 2 KB
3 KB 25ms
14ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/dist/dom-ready.js?ver=7c25017459f1da90355d

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

81264a0be7d9cacdea4629e9a6767a492f8b31e3feb798cced3c7edfec1fccc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 2510
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hooks.js Show response
timebusinessnews.com/wp-includes/js/dist/ 20 KB
20 KB 26ms
15ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/dist/hooks.js?ver=3ad9b2919ff3fc96ce63

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

a1271ebbf1c80a4e963b4f91eccd41c2651fd3f6cd529984d5c54bcbd004d354

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 20574
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i18n.js Show response
timebusinessnews.com/wp-includes/js/dist/ 51 KB
51 KB 26ms
16ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/dist/i18n.js?ver=0343553cc8c879477a4a

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

f2b37bf2f2b55fe6c4c1b0f546effc9f1c6ec29d87176ee1c0ceb2c62ae77e24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 51846
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a11y.js Show response
timebusinessnews.com/wp-includes/js/dist/ 9 KB
9 KB 29ms
19ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/dist/a11y.js?ver=0ee61caf926b8a5c5f27

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

a1db467cf90411702dc469a6a27601617242eec916601ff8ccf9306b36bf3ea2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 8758
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 url.js Show response
timebusinessnews.com/wp-includes/js/dist/ 33 KB
33 KB 30ms
20ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/dist/url.js?ver=2d2e951909e9f41b4163

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

a7c8c0679fd5fa5f44df7a73df8fa84adc48afbc1b698db7deec24e880a17e2f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 33443
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api-fetch.js Show response
timebusinessnews.com/wp-includes/js/dist/ 21 KB
22 KB 31ms
22ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-includes/js/dist/api-fetch.js?ver=68af4ed41fa8a1b94f61

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

b823b895dc13edabae801444205385a58451154b87e4b3461dacaec18b6c0f64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 11:35:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 21973
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simpay-public-pro-upe.min.js Show response
timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/pro/assets/js/ 60 KB
60 KB 32ms
23ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/pro/assets/js/simpay-public-pro-upe.min.js?ver=4.7.4

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

4690fd6b38ae389ba8b837fd242a4bffe96448ada7e9fec0123e1b087123fd55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 12:00:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 61504
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.bxslider.js Show response
timebusinessnews.com/wp-content/themes/colormag/js/ 68 KB
69 KB 34ms
25ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/js/jquery.bxslider.js?ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

8ab0d3d2a07a49962f9543d4c701f01e0e667a565d7e1aa31d09e0def5d3db92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 69806
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.magnific-popup.js Show response
timebusinessnews.com/wp-content/themes/colormag/js/magnific-popup/ 43 KB
43 KB 35ms
26ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.js?ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

63d576b7e46477e414fccfa292d0415a192bd4a3ddb8ef4452f94d84554e18ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 43589
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navigation.js Show response
timebusinessnews.com/wp-content/themes/colormag/js/ 3 KB
4 KB 37ms
28ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/js/navigation.js?ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

ec5ec1a4386f8c2ce0bea88f9a5fbce8d36226aa30e3168977b3444a077463f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 3299
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fitvids.js Show response
timebusinessnews.com/wp-content/themes/colormag/js/fitvids/ 3 KB
4 KB 38ms
30ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.js?ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 3437
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 skip-link-focus-fix.js Show response
timebusinessnews.com/wp-content/themes/colormag/js/ 805 B
1 KB 40ms
31ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/js/skip-link-focus-fix.js?ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

7dfcfff070cbfeb929f6cb8b743d691bb330b294cf9b6b387c43428ded8036d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 805
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 colormag-custom.js Show response
timebusinessnews.com/wp-content/themes/colormag/js/ 5 KB
6 KB 40ms
32ms Script
application/javascript 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/js/colormag-custom.js?ver=2.0.5.1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

e53e125865039a006f0c5abe2018ae90bd9545d5f804fdecab4d566cf5d830f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 5577
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 62ms
58ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-46K0RZPMQK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-181915405-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1cf40205f47ace53e8f890071319e93de05cce0ff042bada6b01acd06969cabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 15:14:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 380ms
15ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-181915405-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 13:18:40 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 13 May 2023 15:18:40 GMT

GET
H2 206 IFGICT.mp4
timebusinessnews.com/wp-content/uploads/ 5 MB
0 84ms
83ms Media
video/mp4 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/uploads/IFGICT.mp4

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 03 Sep 2021 19:10:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 0-6525871/6525872
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
Content-Length: 6525872
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

8qmmx15z0heuv
stream-034.zeno.fm/
Redirect Chain

https://node-10.zeno.fm/8qmmx15z0heuv?rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
https://stream-034.zeno.fm/8qmmx15z0heuv?zs=owZsQsxSSi-lTCrn1FQDYA&rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ

169 KB
0

1063ms
1006ms

Media
audio/aac

158.69.60.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://stream-034.zeno.fm/8qmmx15z0heuv?zs=owZsQsxSSi-lTCrn1FQDYA&rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
Requested by: Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
Protocol: HTTP/1.1
Server: 158.69.60.171 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ovh34.ca.zeno.fm
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

icy-name: Time Business News Radio
transfer-encoding: chunked
content-type: audio/aac

Redirect headers

location: https://stream-034.zeno.fm/8qmmx15z0heuv?zs=owZsQsxSSi-lTCrn1FQDYA&rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
date: Sat, 13 May 2023 15:14:04 GMT
cache-control: no-cache
content-length: 0

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 340ms
14ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://timebusinessnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 17:28:13 GMT
x-content-type-options: nosniff
age: 337552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 May 2024 17:28:13 GMT

GET
H2 200 fontawesome-webfont.woff2
timebusinessnews.com/wp-content/themes/colormag/fontawesome/fonts/ 75 KB
76 KB 206ms
195ms Font
font/woff2 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://timebusinessnews.com/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/wp-content/themes/colormag/fontawesome/css/font-awesome.css?ver=2.0.5.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://timebusinessnews.com/wp-content/themes/colormag/fontawesome/css/font-awesome.css?ver=2.0.5.1
Origin: https://timebusinessnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 27 Mar 2021 15:55:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 time-business-news-default-682x445.jpg
timebusinessnews.com/wp-content/uploads/ 56 KB
57 KB 434ms
427ms Image
image/jpeg 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/time-business-news-default-682x445.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

08ff25d092cc6ea493ad5c92c22e6f4a6aec3e33d5e456cf93288b338c4b7372

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 27 Oct 2021 14:58:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 57574
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 clienAdimage.png
timebusinessnews.com/wp-content/uploads/ 42 KB
42 KB 438ms
430ms Image
image/png 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/clienAdimage.png

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

8999176e75d2175a0203e7caea62abed75f73c0d95fc8ebea918fd13abadf7cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 03 May 2023 14:58:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 42592
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ksf-space-animated-video.gif
timebusinessnews.com/wp-content/uploads/ 2 MB
2 MB 445ms
439ms Image
image/gif 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/ksf-space-animated-video.gif

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

ad419adf538fcddbc50cf266b0e4c40965c84919745f6d09507c6b17531531e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 14 Jan 2022 19:48:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 1671757
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ksf-space-animated-video-02.gif
timebusinessnews.com/wp-content/uploads/ 1 MB
1 MB 596ms
589ms Image
image/gif 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/ksf-space-animated-video-02.gif

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

ea31f10edab8222e4e66001e64f74b3e91f0fe42ca5ee682e09def8a6509fd9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2022 20:00:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 1506578
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 01-copy-4-1s-300x202.jpg
timebusinessnews.com/wp-content/uploads/2019/09/ 37 KB
37 KB 596ms
590ms Image
image/jpeg 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/uploads/2019/09/01-copy-4-1s-300x202.jpg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

4abb42638aed204a1a1d5e9531ea94c593f2bbb9b3b33f6eb780a129f337600f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 08:06:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 37466
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
www.google-analytics.com/g/ 0
174 B 247ms
35ms Ping
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-46K0RZPMQK&gtm=45je35a0&_p=2098427912&cid=1653978787.1683990846&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683990845&sct=1&seg=0&dl=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&dt=Zara%20Larsson%20Bitcoin%20Code%20Erfaringer%202023%20-%20svindel%20eller%20legitim%3F&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46K0RZPMQK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://timebusinessnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26a0.svg
s.w.org/images/core/emoji/14.0.0/svg/ 548 B
541 B 34ms
2ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/26a0.svg

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

03382ac2fd7fe0d58ae2f81964b332bd34dfc9cc5145a10e61cb5e776aef5e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Sat, 13 May 2023 15:14:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 3068 200 B
786 B 7ms
3ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9291631
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 13 May 2023 15:14:05 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 25 Jan 2023 23:10:53 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 757085
x-content-type-options: nosniff
x-request-id: ac6cc27c-4a14-482d-8c57-966c09e75a58
x-served-by: cache-lga21927-LGA

GET
H2 200 clock.png
timebusinessnews.com/wp-content/plugins/live-news/public/assets/img/ 148 B
457 B 448ms
446ms Image
image/png 192.124.249.3
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://timebusinessnews.com/wp-content/plugins/live-news/public/assets/img/clock.png

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10003.sucuri.net

Software

nginx /

Resource Hash

e04770221e9e733bf98ca51d027dd659296604449e57cfec24c21c737324a904

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:05 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 08:06:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
content-length: 148
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3068 631 B
596 B 19ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 May 2023 15:14:06 GMT
via: 1.1 varnish
age: 9291631
x-cache: HIT
content-length: 332
x-request-id: 74e77f5f-69d1-4d61-8392-147c717cd1e5
x-served-by: cache-lga21927-LGA
last-modified: Wed, 25 Jan 2023 23:10:52 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 616522

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 67ms
66ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b7ce6adefb5723f3e603275e7f4eca08819706555f1cf3abe0b16f047cb46e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122645
x-xss-protection: 0
server: cafe
etag: 16273390448533077257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:06 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 3068 0
717 B 303ms
90ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 13 May 2023 15:14:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683990846360011
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683990846359534
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3068 0
716 B 308ms
95ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 13 May 2023 15:14:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683990846360005
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683990846359528
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 35E6 10 KB
5 KB 395ms
33ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 75510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:15:36 GMT
etag: 15057649708203361565
expires: Fri, 26 May 2023 18:15:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame CCB1 930 B
1 KB 30ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 74
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 13 May 2023 15:14:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 58
x-content-type-options: nosniff
x-request-id: 5ee74b87-5909-4142-877f-a7117d054f9b
x-served-by: cache-lga21927-LGA
x-timer: S1683990846.231492,VS0,VE0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 19ms
17ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 May 2023 15:17:56 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame CCB1 0
490 B 139ms
96ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 13 May 2023 15:14:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683990846360059
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1683990846359562
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame CCB1 86 KB
16 KB 7ms
5ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 13 May 2023 15:14:06 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 129
x-cache: HIT
content-length: 16031
x-request-id: d2f054c9-275b-4544-9511-d33c87d50144
x-served-by: cache-lga21927-LGA
server: Fastly
x-timer: S1683990846.277139,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 91

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
609 B 417ms
37ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=timebusinessnews.com&callback=_gfp_s_&client=ca-pub-7554934826467559

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

dd55bbc4bc78a70af7e054c169712e827e3dea19a24901895fa00d65fcb1313f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 412ms
41ms Script
application/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timebusinessnews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 105ms
41ms Image
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=daln-container&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 931B 541 KB
99 KB 1385ms
1241ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&adk=1812271804&adf=3025194257&lmt=1683888173&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990846052&bpp=34&bdt=1226&idt=234&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3500262067733&frm=20&pv=2&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=325

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2a01877bd9c1d21dc481c4d5e7f4a3bdb89f1747b19a0683d3568dbc926d5043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101005
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:07 GMT
expires: Sat, 13 May 2023 15:14:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 33ms
32ms XHR
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2098427912&t=pageview&_s=1&dl=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&ul=en-us&de=UTF-8&dt=Zara%20Larsson%20Bitcoin%20Code%20Erfaringer%202023%20-%20svindel%20eller%20legitim%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAACAAI~&jid=522577765&gjid=1968603626&cid=1653978787.1683990846&tid=UA-181915405-1&_gid=1100090363.1683990846&_r=1&gtm=457e35a0&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=1863345892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://timebusinessnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://timebusinessnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4F5 115 KB
35 KB 1316ms
1230ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=997297033&adf=4244172154&pi=t.aa~a.3137240526~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1683888173&rafmt=1&to=qs&pwprc=7955184683&format=1200x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990846086&bpp=10&bdt=1260&idt=348&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zoNLj1TMBt&p=https%3A//timebusinessnews.com&dtd=357

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

024739417ce84497039db4512af1f70ee03ba45e429d8967e8535c0231cbed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35706
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:07 GMT
expires: Sat, 13 May 2023 15:14:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 363ms
18ms XHR
text/plain 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-181915405-1&cid=1653978787.1683990846&jid=522577765&gjid=1968603626&_gid=1100090363.1683990846&_u=aCDAAUIgAAAAACAAI~&z=1398038642

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://timebusinessnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 13 May 2023 15:14:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://timebusinessnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame CCB1 156 B
669 B 307ms
102ms XHR
application/json 44.226.104.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.104.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-104-41.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

29880e4a092f2b2db1d619d9a468eade9850d07f3a867215f455cc972bc28db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 13 May 2023 15:14:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683990846956478
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1683990846956140
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 css
fonts.googleapis.com/ Frame B4F5 2 KB
662 B 47ms
41ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=997297033&adf=4244172154&pi=t.aa~a.3137240526~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1683888173&rafmt=1&to=qs&pwprc=7955184683&format=1200x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990846086&bpp=10&bdt=1260&idt=348&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zoNLj1TMBt&p=https%3A//timebusinessnews.com&dtd=357

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:39:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B4F5 2 KB
846 B 376ms
17ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame B4F5 0
0 68ms
62ms Fetch
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFqb_PqlfZKCeJKyTzLUPgN-XmAbVitSIcJSxyNjVD8icncGDNhABIPuVtntgycapi8Ck2A-gAaXR1sgDyAEJqAMByAPLBKoElQJP0DzJT4OpP9dL6fiLrBvd3YYD-u8pIfpzGY2VmhjWjQ4NaDzJozcu8dj9unKtNbwU-bZ-zA8JsQh6u04JzUS-fIKne2VwGepbQsUuZsBIIFCA1LprrabynCAYSS1KQcGPyT5XD3c0EJ8HREGqB3tsRl7cx8WRFb-hIvcPgJQX8haeGqmKjfdprkkd8u7CYXoOY4OEL4qKylYtZz90hlNGN4LWu5905OP24vVuqSYY2SN0b_qkINU0KkXrOuM8k263b_TU9Bh5iu-DWVL15tG2O7zDB7p5InUmbAFwlZfVYOQozj2QtP5TIsbWYdLM5ExekHByLenWW9YRDM9Vnah71uk_1FGngH2zQ8yCRd5f1jbfnNP_wATWtbuYjgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHw66pN6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCR-E_SCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAZgMwrCu2YoEwhMGGKXR1sgD2BMO0BUBmBYBgBcBshccChoIABIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=R8vLoPKJgrg&uach_m=[UACH]&cid=CAQSGwBygQiD2jgklOODCqGeMBeTaCJwP079YnTLRRgB&template_id=494

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=997297033&adf=4244172154&pi=t.aa~a.3137240526~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1683888173&rafmt=1&to=qs&pwprc=7955184683&format=1200x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990846086&bpp=10&bdt=1260&idt=348&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zoNLj1TMBt&p=https%3A//timebusinessnews.com&dtd=357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 15:14:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 May 2023 15:14:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame B4F5 22 KB
9 KB 326ms
13ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B4F5 3 KB
1 KB 329ms
18ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B4F5 19 KB
8 KB 325ms
15ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame B4F5 32 KB
14 KB 358ms
13ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:19:40 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B4F5 26 KB
26 KB 412ms
15ms Image
image/jpeg 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTZXynsBgnNx3EEI0TAziT04E1MAzuZYMGSkkVDY8cY9PcHYgnte23hqiq7EA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

6532aacaf914f6b6ef8493cba9ad7f0e1abaeb50923bb1df0a9302e7b4841eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:37:46 GMT
x-content-type-options: nosniff
age: 45382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26498
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 20:58:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 02:37:46 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B4F5 33 KB
34 KB 367ms
13ms Image
image/jpeg 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQCR8hsL3Po1IrvFIBiv2wneX1X5IAsXbsSBCYFfv4vxbdb95Uy1F1cuuXq9ok&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

0cdf8f2189f24a7ae0e8bca5b13754bbc9e37fdd3cea5fe3728da9ba36ac2b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:40:50 GMT
x-content-type-options: nosniff
age: 45198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33772
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 10:44:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 02:40:50 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B4F5 40 KB
40 KB 379ms
25ms Image
image/jpeg 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRq8j8j5DO6NvL5qZr6wmnZxAaWk_p5cfrNEsA38k-X1dFfCluiPS9QSvJweR0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

f881307facf7bd0eb3a32367475b998591789281d3328347aa73d0e3c56d7daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:40:50 GMT
x-content-type-options: nosniff
age: 45198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41049
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 18:56:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 02:40:50 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B4F5 28 KB
28 KB 389ms
36ms Image
image/jpeg 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSJRwxP_EhGUVLJ1Vd3Of0dUhXwCTGu5uXrQxTey8L7GuyccSoPvP3A5LfIrEg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

dd21139cdb86853965f8b979b2b331a277681a58b55e990826b99dc1fc0d49c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:40:50 GMT
x-content-type-options: nosniff
age: 45198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28986
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 20:51:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 02:40:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B4F5 44 KB
44 KB 424ms
29ms Image
image/jpeg 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRZe3WZbxInG5xFMtEW1tHtU0jAXJITAo28EtpDCSR36GTGoavOa6xqSJMrh8g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

3af2a681c2bad1ac5cb5e28212f14510265f0f27059c62be78ecec567706e7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:37:46 GMT
x-content-type-options: nosniff
age: 45382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45177
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:58:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 02:37:46 GMT

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 151 KB
51 KB 54ms
53ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f935254bd129bdaf9c4b0b17e93a967a3e5e64a002dc72fc3289bb5a19b4ebbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52389
x-xss-protection: 0
server: cafe
etag: 1355140152899865077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 38ms
37ms Script
application/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timebusinessnews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CCFB 123 KB
38 KB 1256ms
1256ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2731288662&pi=t.aa~a.3600466503~i.3~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=2&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eWtJfK1YQb&p=https%3A//timebusinessnews.com&dtd=62

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8205e0200ba4f3ae9b301445d172f2529fb3ceae73c7df99baac724bb937142e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39273
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F505 108 KB
38 KB 1600ms
1600ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

79e7b273992f17fd791bd957f30acb8db997193ed8a58e9e9ab19a0b38de10de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38423
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E25B 107 KB
37 KB 1427ms
1426ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fae5e762f21bd335cd61db83060457a02b893359cf0c7596e8b55c414b9a1ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 37861
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A4EB 120 KB
38 KB 1679ms
1677ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f267bf50a772c22db08fae3fa2aaa157602b1fb8d321ee8109b33f6f131c8beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38879
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 46ms
35ms Script
application/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timebusinessnews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 2276 10 KB
5 KB 14ms
12ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:30:19 GMT
etag: 15057649708203361565
expires: Fri, 26 May 2023 18:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame EC70 10 KB
4 KB 19ms
15ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:30:19 GMT
etag: 15057649708203361565
expires: Fri, 26 May 2023 18:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 0E46 10 KB
4 KB 26ms
18ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:30:19 GMT
etag: 15057649708203361565
expires: Fri, 26 May 2023 18:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame B636 10 KB
4 KB 24ms
19ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:30:19 GMT
etag: 15057649708203361565
expires: Fri, 26 May 2023 18:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2276 4 KB
767 B 35ms
34ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:33:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2276 205 B
520 B 14ms
12ms Image
image/png 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 10:17:05 GMT
x-content-type-options: nosniff
age: 363423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 May 2024 10:17:05 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2276 604 B
697 B 14ms
13ms Image
image/png 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 22:58:44 GMT
x-content-type-options: nosniff
age: 231324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 May 2024 22:58:44 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame 2276 19 KB
8 KB 15ms
14ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8020
x-xss-protection: 0
server: cafe
etag: 10981734531507917325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame EC70 22 KB
9 KB 12ms
12ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 1368352623939848828
tpc.googlesyndication.com/simgad/ Frame EC70 141 KB
142 KB 19ms
17ms Image
image/gif 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1368352623939848828

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

8b183042b3572e7cbd7b41e3ed43de9396ecd6a5ceeaaf0089e7a5c17b14c730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 15:31:40 GMT
x-content-type-options: nosniff
age: 603748
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144509
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 10:19:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 15:31:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EC70 3 KB
1 KB 15ms
14ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EC70 19 KB
8 KB 14ms
13ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC70 169 KB
53 KB 435ms
49ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:08 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EC70 32 KB
13 KB 16ms
15ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13044
x-xss-protection: 0
server: cafe
etag: 498276857413144450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:09:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0E46 2 KB
799 B 44ms
39ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 0E46 22 KB
9 KB 41ms
37ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0E46 3 KB
1 KB 42ms
40ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0E46 19 KB
8 KB 40ms
38ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E46 169 KB
52 KB 442ms
75ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:08 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 0E46 32 KB
13 KB 16ms
15ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:19:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B636 4 KB
728 B 42ms
41ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:31:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B636 2 KB
799 B 30ms
30ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame B636 22 KB
9 KB 29ms
28ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B636 3 KB
1 KB 33ms
31ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B636 19 KB
8 KB 35ms
33ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B636 169 KB
52 KB 444ms
94ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:08 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame B636 32 KB
13 KB 37ms
36ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:19:40 GMT

GET
DATA 200
OK truncated
/ Frame B4F5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8b57025e29c01daf0af06f29eeb73595fd199b12ff714b1ac832c1b33a15d48

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B4F5 20 KB
20 KB 19ms
5ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 16:06:31 GMT
x-content-type-options: nosniff
age: 601657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 16:06:31 GMT

GET
H2 200 5c132af01198b79277f9291767bd072e.js Show response
www.gstatic.com/mysidia/ Frame 0A6F 8 KB
4 KB 30ms
23ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5c132af01198b79277f9291767bd072e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3651
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 15:37:51 GMT

GET
H2 200 a174bc86ea41e2de18803eb20b910c3d.js Show response
www.gstatic.com/mysidia/ Frame 0A6F 147 KB
55 KB 30ms
22ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a174bc86ea41e2de18803eb20b910c3d.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

7c687daf4f7d3a36b3eb7a221d79de8689ac0cb6488c323dfe1340a31ffb428f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55718
x-xss-protection: 0
last-modified: Thu, 11 May 2023 19:57:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 21:03:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A6F 5 KB
926 B 40ms
37ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

c14c5e17dfe628e18a965eebff2c03cc7cd0fdb06529f6415a800dedf57884c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:50:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0A6F 2 KB
799 B 22ms
18ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 0A6F 22 KB
9 KB 15ms
12ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0A6F 3 KB
1 KB 23ms
20ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 0A6F 19 KB
8 KB 17ms
15ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A6F 169 KB
52 KB 317ms
77ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:08 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 0A6F 32 KB
13 KB 15ms
13ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:19:40 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 56BF 143 B
228 B 14ms
13ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 14:26:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F08 37 KB
15 KB 21ms
19ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 56BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
168 B

54ms
52ms

Document
text/html

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:09 GMT
expires: Sat, 13 May 2023 15:14:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 0A6F 0
234 B 670ms
119ms Ping
image/gif 142.250.74.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhm4o6yg&c=3483193778641&slotId=1741596889320.5&qqid=CJvK3eHK8v4CFYbX4wcdQpUApA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a174bc86ea41e2de18803eb20b910c3d.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: arn09s21-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/OscMwomoWMo/ Frame 0A6F 13 KB
14 KB 489ms
49ms Image
image/jpeg 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/OscMwomoWMo/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

2386ccedd4a14a34d3fa37fa8904e7b2ef09c18f73eeaea3f81a047579cca872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13548
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 13 May 2023 17:14:09 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-ab5sznze.googlevideo.com/ Frame 0A6F 3 MB
0 565ms
140ms Media
video/mp4 74.125.172.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznze.googlevideo.com/videoplayback?expire=1684019647&ei=P6lfZOK1J4uLkASE_ZWYCg&ip=5.181.234.133&id=3ac70cc289a858ca&itag=18&source=youtube&requiressl=yes&mh=y6&mm=31&mn=sn-ab5sznze&ms=au&mv=m&mvi=5&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=58.119&lmt=1662258973659770&mt=1683990543&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAJMBR1r8CfL8D3Q8PcIgSiMyavmIfBxwwtewMeFQK3NXAiAgu5pAGRCHATOcWByvBjE_BaMUAAxbPdojpSrQoU4_Rg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANpuC4t-2LFD7YdY-r33gu0YWYfDbUTxr6W6EcuVxYQJAiAxbTvZ1swcSZiZjsz3RfMLDRy_fb2qTT2r-yox1T8Qhw==&cpn=e7o1B6lSanx8A4QQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.172.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s41-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 13 May 2023 15:14:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 04 Sep 2022 02:36:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-4871491/4871492
Cache-Control: private, max-age=28498
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4871492
Expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame D121 37 KB
14 KB 26ms
25ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BC1 37 KB
14 KB 22ms
21ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CCFB 10 KB
1 KB 319ms
319ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2731288662&pi=t.aa~a.3600466503~i.3~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=2&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eWtJfK1YQb&p=https%3A//timebusinessnews.com&dtd=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

1d7666209fd78007af6f00e6183895d519ddfc041df9b609274ea6f35e8ea3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:41:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CCFB 2 KB
804 B 14ms
13ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame CCFB 22 KB
9 KB 14ms
14ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CCFB 3 KB
1 KB 32ms
16ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CCFB 19 KB
8 KB 16ms
15ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CCFB 0
0 55ms
40ms Image
text/html 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZxU78E7DJAh8am5guFODWuZ3A82nxagNViFFzV22s5q0vu7NM8ZmNKgLhkSfwG9ykq_Y5Z0EcSepK6sV07t9zPyYG0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2731288662&pi=t.aa~a.3600466503~i.3~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=2&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eWtJfK1YQb&p=https%3A//timebusinessnews.com&dtd=62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCFB 169 KB
52 KB 90ms
75ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame CCFB 32 KB
13 KB 33ms
18ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:19:40 GMT

GET
DATA 200
OK truncated
/ Frame EC70 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fd1ac29b9a8c1cab71f5233bff4d939ca7e79e12feb36f2f81e036656e36d1a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame CCFB 0
0 55ms
54ms Fetch
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6oruQKlfZMnVBp_SzLUPldmTiA-to7TIcOfwz6WyEdO3jqv9OxABIPuVtntgycapi8Ck2A-gAaHAmPEoyAEJqAMByAPLBKoElwJP0Ht8Q76IcozOb6fsWYBbQqiMQ8inDFj_WX7H9Q1o6Xtso5bu8VYlBXjkpyVIJOvxMvi-DkE9g_e9tO_Q3dbBDJvyobnMl1VSiWyzeYU3G1t68nabxgtDWUKHPouONllzpU9Mgx2F7zRYfatGoUcgYyAYGiYX-rNAaySSuQpfBjifp9c1UFkqu2lbLqvYhi8G-SIHHBcZapZBPQdTfUa890aJNIgVpxcz8i5OPz1wxh1XLZYva8rQSNlICILt0_wrsHhx8-pPX3F9ABhiL4b0ZlQVcCtZH1e6_60Jd3BqHdaUsfchsKyAxwhkPKuAJspkPei8GzWsiTC6L9U7dMSCR-_bWW01h_W0A4fOzufYmXxxAW7_PWvABNeJic2sBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfk8ebRA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCnrVLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi03NTU0OTM0ODI2NDY3NTU5GAA&sigh=ZDzH3W3D6rQ&uach_m=[UACH]&cid=CAQSOwBygQiD_CprepRkWW9vlswQ63YZ0shrW6LITT0VxgmmeDHoW_9Rf-osEGGa6gnu2EKsmQ35sKbnIlckGAE&template_id=494

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2731288662&pi=t.aa~a.3600466503~i.3~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=2&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eWtJfK1YQb&p=https%3A//timebusinessnews.com&dtd=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 15:14:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame CCFB 31 KB
31 KB 651ms
13ms Image
image/jpeg 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT2B9PR07HsNmzAzcEk75tJG5IkB-L6m0FNscGUBO5euCByEYueK960KgavNQs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

sffe /

Resource Hash

3f0ad8fce7af1098d4a17d54da4c3374a842dbeff12ed949c6325c98630303f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:31:44 GMT
x-content-type-options: nosniff
age: 16946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31301
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 09:11:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 10:31:44 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame CCFB 28 KB
28 KB 665ms
28ms Image
image/jpeg 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQpzPB1CArw0pPk4RCf9qtAdeT4yDYUwWmftNqllHKp48ZE7EfUICFlL_Aecg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

sffe /

Resource Hash

e461b281292f9c0a421c3773dbaa82d534a534de4c7b93ade129306f9aec625a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 01:15:47 GMT
x-content-type-options: nosniff
age: 223103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28345
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 04:50:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 10 May 2024 01:15:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame CCFB 17 KB
17 KB 35ms
13ms Image
image/jpeg 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ40JtuYUFcsWAsNhvKVpj34WYk-4KGkbkfchqB-ZaOxVWrmm8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

5264b2b7670d257f2dbacbd851a1125ee00dc8772fddc9f6629210c79c06b7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 16:03:15 GMT
x-content-type-options: nosniff
age: 601854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17257
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 11:30:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 May 2024 16:03:15 GMT

GET
H2

200

18096425895053646920
tpc.googlesyndication.com/simgad/ Frame CCFB
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODE9ffygwEQsAkYsAkyCFJT4FVfc8KB
https://tpc.googlesyndication.com/simgad/18096425895053646920

77 KB
77 KB

21ms
16ms

Image
image/png

172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18096425895053646920

Requested by

Protocol

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:35:12 GMT
x-content-type-options: nosniff
age: 596337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 17:09:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 17:35:12 GMT

Redirect headers

date: Fri, 12 May 2023 18:13:17 GMT
x-content-type-options: nosniff
server: cafe
age: 75652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/18096425895053646920
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 18:13:17 GMT

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame F970 37 KB
14 KB 13ms
11ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame EC70 0
56 B 72ms
71ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGphePqlfZJyzJIavj-8PwqqCoAqS7fyOcKSfh8GJEaycqbDUOxABIPuVtntgycapi8Ck2A-gAb7w85UDyAEDqAMByAPJBKoEoAJP0OVJdMJZIP7TNI2Tg7Of8LOVZDTQw1DY6xY-_jCRTCcCD-GECGnJc92SGhe0aWjXUmTp3NWOLkwrYkq-WQZYawXZ5Zxm6qNJ2DfVTAVXmSnJKIGXi4OuvvHHoIcFG1fr6iF2sJ0uvQvpqoxBA0cz2shRmRBFfKMp2c2QW2YjBpP_iowCP0J1zJ81n4ZGUHykvrRBoKZWJqlF9OnpRQsiFj1SGNCBGIg5hR0j1S8MJ6KFcj1Ga5KBs9PiwsmVDkd9CvQScDzLUpTwNF44-X7lz_kpmRV-JWFZpgDl-ArC2mjO2CKI9wYBkGi_bb6nrS8FoBveiQ7y767ojCJDkhilBUJk_pg5H8qTG_LWErYqshIbj1MokLOOAumRzqWUGfDABJC19O_CBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYDgAfeq4uaAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMSADNIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=1wkZi0F9TT0&uach_m=[UACH]&cid=CAQSGwBygQiD8l1u3ONGnbsTQTuNDCKddCffKINOQhgB&vis=1

Requested by

Host: timebusinessnews.com
URL: https://timebusinessnews.com/zara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 15:14:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3347 37 KB
14 KB 16ms
16ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E25B 9 KB
1005 B 114ms
112ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:35:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E25B 2 KB
799 B 34ms
32ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame E25B 22 KB
9 KB 28ms
27ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E25B 3 KB
1 KB 62ms
38ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E25B 19 KB
8 KB 29ms
28ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E25B 0
0 81ms
56ms Image
text/html 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJJLo5liyy6TtGSqthtDPyhNyL-tnA8fBE12K0K2Tcqg-E76s7zgQM6Txs1_9ms31bUwuDcE3RNTlmnO6T3QAFiKs3xQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E25B 169 KB
52 KB 139ms
114ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame E25B 32 KB
13 KB 69ms
44ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:19:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F505 9 KB
1005 B 80ms
50ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:31:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame F505 2 KB
799 B 65ms
36ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame F505 22 KB
9 KB 53ms
24ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame F505 3 KB
1 KB 54ms
38ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame F505 19 KB
8 KB 54ms
25ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F505 0
0 71ms
56ms Image
text/html 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUB7jHI6Jfx2iLQXmB7BgOpnlzhBiy7rtZy7SALMgB2L7JbUEJCec7raUjy2RA4Bjp5zd9zQYWhat4IRKqDFGvKHEN3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F505 169 KB
52 KB 157ms
147ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame F505 32 KB
13 KB 54ms
45ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:19:40 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F505 0
0 76ms
66ms Fetch
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCSRKQKlfZMKcCO-Qj-8Ph-i54ATsqOqqbp3fxcn6EJiS-IezAhABIPuVtntgycapi8Ck2A-gAaiNjrcCyAEJqAMByAPLBKoElgJP0G99JfE1WAGzI1TsLsFBii6RLfBspCEPvFvR78e3PaJaU5DnVdOExq-jQq5tf-oDUhTVdpZDoM_wNRvbXyahfkEbdcRjT-NkG6LA_UtDAaWc2KNEL7I_I9PXTQQKWsE3IPK-ZRxywG4j9aHqOAtJrYu63RW2SILZwc4m1_rJybURqneRNc4VkMfHB3xO5ulW5ZnntBQpo60LHPpOdEZ9Ca_HLnF4Ovx_YyCvgLkj2ONRYj3Ja4raXkbjWdLjBbn0KAFrxKepjtce8QqgS5GoSeWkDsdEzivtFI4d2gAfWN_LinTH8UBNT1Xk0OxvqDaWB6K2ySIwglIORn8eFWFYvJKH2ey-XptV8t_fPaoQufOE9MvrNcAEyJH_ucMDkgUECAQYAZIFBAgFGASgBi6AB8Dy8cgBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1IE_0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNzU1NDkzNDgyNjQ2NzU1ORgA&sigh=-XUKGJ1CVs4&uach_m=[UACH]&cid=CAQSOwBygQiD4_n7V2Xf3fF2Ul9zsYkV5dyht3TRBEK-8zNeJ3--UTjFvkdupXlFAXX4Gz028S3SUm-8PMzOGAE&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 15:14:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 106691472647135746
tpc.googlesyndication.com/simgad/ Frame F505 12 KB
12 KB 48ms
41ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/106691472647135746?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

07a3a331e53f400def66fda9b7da32114dd2a87cfc53ba254da390db3ca67466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:14:25 GMT
x-content-type-options: nosniff
age: 53984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12348
x-xss-protection: 0
last-modified: Thu, 12 May 2022 14:33:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 00:14:25 GMT

GET
DATA 200
OK truncated
/ Frame F505 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F505 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 106691472647135746
tpc.googlesyndication.com/simgad/ Frame E25B 12 KB
12 KB 63ms
13ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/106691472647135746?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

07a3a331e53f400def66fda9b7da32114dd2a87cfc53ba254da390db3ca67466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:14:25 GMT
x-content-type-options: nosniff
age: 53984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12348
x-xss-protection: 0
last-modified: Thu, 12 May 2022 14:33:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 00:14:25 GMT

GET
DATA 200
OK truncated
/ Frame E25B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E25B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame E25B 0
0 74ms
52ms Fetch
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwK4MQKlfZIS2CYOP7gLvqIPwCeyo6qpund_FyfoQmJL4h7MCEAEg-5W2e2DJxqmLwKTYD6ABqI2OtwLIAQmoAwHIA8sEqgSWAk_Qnb9CUVErgrTKD5ydN2VAl3N1ru6q9dxOkBbPduU31CTl_3OJi1PQzYN-BL2s0m6fhodg5q01_4YVeeK2QMHcQzH8nYDfZRmo3nfLGc7w7ODGVadwv_ywuCbDOIZjUl_BInxT9OdyzLq-c0gts-hjUGV6ZOCIuqk6Jz017TzsWr0NgOwfI0CIS5MpzfYxzGbbuhezYcx834aBd_xPktJCSxi-VYFPt6kPZgihNT0B6YO38jrShd3NysxgPiRMIEfkygtJo5d4WS2Ok0mrbh9LjgLq-Nrel6NKV2xg8xLQzXCAbpPMECSHLZTFxhzV6-kPyKBA0jKPfWvMmX9b4v1JcZ2lPLIzAYWe6cZiwYCfYqLXN9k2wATIkf-5wwOSBQQIBBgBkgUECAUYBKAGLoAHwPLxyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDD9T7SCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NTU0OTM0ODI2NDY3NTU5GAA&sigh=nWpavQN-H50&uach_m=[UACH]&cid=CAQSOwBygQiD65D2QYHYIrJpq0IMUW4oq0Pz1VRXZEPPStjEmui0uMAFPk2pqWNbADg--1wwiJovi1ykTcBCGAE&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 15:14:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame A4EB 2 KB
639 B 43ms
41ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 14:37:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame A4EB 2 KB
799 B 18ms
16ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame A4EB 22 KB
9 KB 15ms
14ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame A4EB 3 KB
1 KB 31ms
26ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame A4EB 19 KB
8 KB 16ms
15ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:42:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A4EB 0
0 44ms
38ms Image
text/html 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkdzXhYst2-2xenLHOnG5Dm4_dH_g9cri4WhzTqtG6o93LWDox_bfWa9g_uXQiw7Z3sCgqWqfFMZwuY_hQIOicH4pGfQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4EB 169 KB
52 KB 85ms
80ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame A4EB 32 KB
13 KB 32ms
27ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:19:40 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CE42 1 KB
758 B 52ms
16ms Document
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 78518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 17:25:32 GMT
etag: 48472445140208031
expires: Sat, 13 May 2023 17:25:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame A4EB 0
0 55ms
54ms Fetch
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce-6rQKlfZO6NCr_Q0_wP262kSK2jtMhw5_DPpbIR07eOq_07EAEg-5W2e2DJxqmLwKTYD6ABocCY8SjIAQmoAwHIA8sEqgSXAk_QypoeVvvKp3ditmBX4vPvamLjABr88p24UIJbcmFQJdA0pzh0LcU-JNw7wSXYRsiyY64TITvnwd4PJgb5hbAiYvlosVewWRHsEiC1FQ_BPwgpebIjJAWTv7yhTWq1vCei0S7qvyg3lAmX0tIOUg22FdokmHfWAKvcqOxaCqS3tXt9M7rSh6ABlxzYvb3QXDYaYyOv63k6aFH8hGv_9xaesaigi2dL85Av_mv4oi85_jSZ-Zlk7d_VAa55JDpBVEvhZmkbaCZhcvHu-R-1NoQpC-cKxPZ12yi9VrOkPtPdCFvUEKTnfhHDzFKx76RVqfBHLcpI-6OIq3-EdtV7Nc9T_yAFtJFu1VUJgP7R9zqK1k6RJMKzmMAE14mJzawEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-Tx5tEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIe6JtIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=Kr3zOb3f6Pc&uach_m=[UACH]&cid=CAQSOwBygQiD5_QSIsQY4oVziXVbn-Ewou4ZwN1SWgAHI9VbyHGR2NfabgPiPpFl9pzkbyD-SFxf_6JXC7i0GAE&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 15:14:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A4EB 31 KB
31 KB 138ms
36ms Image
image/jpeg 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT2B9PR07HsNmzAzcEk75tJG5IkB-L6m0FNscGUBO5euCByEYueK960KgavNQs&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

sffe /

Resource Hash

3f0ad8fce7af1098d4a17d54da4c3374a842dbeff12ed949c6325c98630303f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:31:44 GMT
x-content-type-options: nosniff
age: 16946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31301
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 09:11:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 May 2024 10:31:44 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A4EB 28 KB
28 KB 145ms
44ms Image
image/jpeg 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQpzPB1CArw0pPk4RCf9qtAdeT4yDYUwWmftNqllHKp48ZE7EfUICFlL_Aecg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

sffe /

Resource Hash

e461b281292f9c0a421c3773dbaa82d534a534de4c7b93ade129306f9aec625a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 01:15:47 GMT
x-content-type-options: nosniff
age: 223103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28345
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 04:50:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 10 May 2024 01:15:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A4EB 17 KB
17 KB 13ms
12ms Image
image/jpeg 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ40JtuYUFcsWAsNhvKVpj34WYk-4KGkbkfchqB-ZaOxVWrmm8&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

5264b2b7670d257f2dbacbd851a1125ee00dc8772fddc9f6629210c79c06b7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 16:03:15 GMT
x-content-type-options: nosniff
age: 601855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17257
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 11:30:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 May 2024 16:03:15 GMT

GET
H2

200

18096425895053646920
tpc.googlesyndication.com/simgad/ Frame A4EB
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODE9ffygwEQsAkYsAkyCFJT4FVfc8KB
https://tpc.googlesyndication.com/simgad/18096425895053646920

77 KB
77 KB

14ms
13ms

Image
image/png

172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18096425895053646920

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:35:12 GMT
x-content-type-options: nosniff
age: 596338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 17:09:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 17:35:12 GMT

Redirect headers

date: Fri, 12 May 2023 18:13:17 GMT
x-content-type-options: nosniff
server: cafe
age: 75653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/18096425895053646920
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 18:13:17 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 96B8 1 KB
677 B 53ms
18ms Document
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 78518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 17:25:32 GMT
etag: 48472445140208031
expires: Sat, 13 May 2023 17:25:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1920 1 KB
677 B 52ms
18ms Document
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 78518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 17:25:32 GMT
etag: 48472445140208031
expires: Sat, 13 May 2023 17:25:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F505 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96fc24ebcd17188170c6f441f7ae3908b6a821e7c68923885b18dcbea9a45c08

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E25B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70816a28ff9042110efbeb5c72a86db83f77eba43c852dc1c84417cef1cf9371

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CCFB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f74803d791ee50c6f225d9a5155ca9fa6769058720c258f0cbc9da1a3b9054e7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame CCFB 29 KB
29 KB 42ms
0ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 08:34:21 GMT
x-content-type-options: nosniff
age: 23989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 08:34:21 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame CCFB 20 KB
20 KB 39ms
0ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 16:06:31 GMT
x-content-type-options: nosniff
age: 601659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 16:06:31 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame F505 29 KB
29 KB 43ms
6ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 08:34:21 GMT
x-content-type-options: nosniff
age: 23989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 08:34:21 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame E25B 29 KB
29 KB 51ms
14ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 08:34:21 GMT
x-content-type-options: nosniff
age: 23989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 08:34:21 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8082 1 KB
677 B 33ms
9ms Document
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 78518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 17:25:32 GMT
etag: 48472445140208031
expires: Sat, 13 May 2023 17:25:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A4EB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 447b8d5587a7b6a40aaf19b770f6c1561a2499a34d42631c1979e40cc8636546

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A4EB 20 KB
20 KB 13ms
2ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 16:06:31 GMT
x-content-type-options: nosniff
age: 601659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 16:06:31 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CE42
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1&google_push=ATf1kGMC0W3DU3OXwnRIpH8F48e3gdnAJoXzxGGBIvznlLkCB7Xqc6acAwnjnJ7TrHSR7u-5mGdoD8yD1hgsWJvM3A_iK4Po-OOkiw4
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIwMDMzOTQyODI1MTc4NjQ0MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1

43 B
398 B

259ms
32ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE42
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELEke_c84yaYKqhge4Q2Qfk&google_cver=1&google_push=ATf1kGNVvYtdfBKHztfTjzSu7IH0jqVAMhT-QdyIXoI6udNApQjpeVS...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6d5335f06a052300&is_secure=true&networkId=14000&version=1&google_gid=CAESELEke_c84yaYKqhge4Q2Qfk&google_cver=1&google_push=ATf1kGNVvYtd...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMsEVpNHKBRgMXc_Y-AAAAAAA&expiration=1684077251&google_cver=1&is_secure=true&google_gid=CAESELEke_c84yaYKqhge4Q2Q...

170 B
188 B

44ms
43ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMsEVpNHKBRgMXc_Y-AAAAAAA&expiration=1684077251&google_cver=1&is_secure=true&google_gid=CAESELEke_c84yaYKqhge4Q2Qfk&google_push=ATf1kGNVvYtdfBKHztfTjzSu7IH0jqVAMhT-QdyIXoI6udNApQjpeVSmrr-7iku_7JKP63JQgqJzsQSuqVYlAbj1TcKSUC1HtX6mJi8

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMsEVpNHKBRgMXc_Y-AAAAAAA&expiration=1684077251&google_cver=1&is_secure=true&google_gid=CAESELEke_c84yaYKqhge4Q2Qfk&google_push=ATf1kGNVvYtdfBKHztfTjzSu7IH0jqVAMhT-QdyIXoI6udNApQjpeVSmrr-7iku_7JKP63JQgqJzsQSuqVYlAbj1TcKSUC1HtX6mJi8
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE42
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEDhxPch29ZJDp5ZyUrxrFik&google_cver=1&google_push=ATf1kGNBS-yOrNU2vx_fi5u7TRHxYgCbg5aT_iQeP8wT9end0ly9rxM1aaKzTndu4x3El500DMhRrt6F7nyG8IwlEuYCvXjIJOS64MI
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGNBS-yOrNU2vx_fi5u7TRHxYgCbg5aT_iQeP8wT9end0ly9rxM1aaKzTndu4x3El500DMhRrt6F7nyG8IwlEuYCvXjIJOS64MI&google_hm=UjMzNjQ2XzEwM...

170 B
232 B

39ms
38ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGNBS-yOrNU2vx_fi5u7TRHxYgCbg5aT_iQeP8wT9end0ly9rxM1aaKzTndu4x3El500DMhRrt6F7nyG8IwlEuYCvXjIJOS64MI&google_hm=UjMzNjQ2XzEwMjlDRTFGNl8yRjRBRTlCNQ%3D%3D

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGNBS-yOrNU2vx_fi5u7TRHxYgCbg5aT_iQeP8wT9end0ly9rxM1aaKzTndu4x3El500DMhRrt6F7nyG8IwlEuYCvXjIJOS64MI&google_hm=UjMzNjQ2XzEwMjlDRTFGNl8yRjRBRTlCNQ%3D%3D
Date: Sat, 13 May 2023 15:14:10 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-366995602; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 349
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE42
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESECXriyf9acmQ29bl8BdPkFg&c_param1=ATf1kGOwq1FNhs8X0OTrZglcyNd-mjCJmbjRurv9la1EmZmRC9F9C9YWnT_G5yb2HEIcZSh2U6VqiPg8slp00xnSBel2LR6kZ93xZA&gdpr=%%GDPR%...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGOwq1FNhs8X0OTrZglcyNd-mjCJmbjRurv9la1EmZmRC9F9C9YWnT_G5yb2HEIcZSh2U6VqiPg8slp00xnSBel2LR6kZ93xZA

170 B
232 B

50ms
40ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGOwq1FNhs8X0OTrZglcyNd-mjCJmbjRurv9la1EmZmRC9F9C9YWnT_G5yb2HEIcZSh2U6VqiPg8slp00xnSBel2LR6kZ93xZA

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGOwq1FNhs8X0OTrZglcyNd-mjCJmbjRurv9la1EmZmRC9F9C9YWnT_G5yb2HEIcZSh2U6VqiPg8slp00xnSBel2LR6kZ93xZA
date: Sat, 13 May 2023 15:14:10 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE42
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESELg1HF8xFzLDBPr7GD369k4&google_cver=1&google_push=ATf1kGPQ2Dlk66kFwajo6DDHTlxgthJeF3tClDhssW6WZTyZKFU1XQyy8rLpcyoEczAdNiuQFrxCE9iFvcWYkGjE7aI4pAY1pS0RPnk
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGPQ2Dlk66kFwajo6DDHTlxgthJeF3tClDhssW6WZTyZKFU1XQyy8rLpcyoEczAdNiuQFrxCE9iFvcWYkGjE7aI4pAY1pS0RPnk&google_hm=bc616292a1a6e6c4...

170 B
329 B

67ms
40ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGPQ2Dlk66kFwajo6DDHTlxgthJeF3tClDhssW6WZTyZKFU1XQyy8rLpcyoEczAdNiuQFrxCE9iFvcWYkGjE7aI4pAY1pS0RPnk&google_hm=bc616292a1a6e6c4a3aefdcccdbbc5e7

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGPQ2Dlk66kFwajo6DDHTlxgthJeF3tClDhssW6WZTyZKFU1XQyy8rLpcyoEczAdNiuQFrxCE9iFvcWYkGjE7aI4pAY1pS0RPnk&google_hm=bc616292a1a6e6c4a3aefdcccdbbc5e7
date: Sat, 13 May 2023 15:14:10 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE42
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEKEYemP8zVrbxDqVmVq0CZI&google_cver=1&google_push=ATf1kGMFDi4HQ1sUjynigQT_hc6USgIQ7wJotyx_dTCmviT0LC0A4pipyWFDW7RmooEW7Q6YRPn1rbsjcGPT7DlUBg8K6GX...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGMFDi4HQ1sUjynigQT_hc6USgIQ7wJotyx_dTCmviT0LC0A4pipyWFDW7RmooEW7Q6YRPn1rbsjcGPT7DlUBg8K6GXEvvi7svc&google_hm=ODE5MjAw...

170 B
232 B

50ms
39ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGMFDi4HQ1sUjynigQT_hc6USgIQ7wJotyx_dTCmviT0LC0A4pipyWFDW7RmooEW7Q6YRPn1rbsjcGPT7DlUBg8K6GXEvvi7svc&google_hm=ODE5MjAwNTAyMTE5Njc3OTQxMA==

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGMFDi4HQ1sUjynigQT_hc6USgIQ7wJotyx_dTCmviT0LC0A4pipyWFDW7RmooEW7Q6YRPn1rbsjcGPT7DlUBg8K6GXEvvi7svc&google_hm=ODE5MjAwNTAyMTE5Njc3OTQxMA==
Date: Sat, 13 May 2023 15:14:11 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

report
sync.teads.tv/um/ Frame CE42
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOxVvdf2iOq82Pxrn3YxXDU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NjRmZTk1YTUtOTdkOS00MzA2LTllODMtNjA4ZDJiZmQ1ZWNm&google_push=ATf1kGOXaGuJ-wAKfb0fFKUNQwkZRkNoauWlHuzG8DsXE7mzlWqeV5jyZUVxurMOvNNu7...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

23ms
15ms

Image
image/gif

23.192.30.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.192.30.145 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-30-145.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Sat, 13 May 2023 15:14:11 GMT
pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CE42 0
130 B 415ms
37ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLAi8xLycMoK3knp4WwOuiwFS2-JLI5O2tSvZMI9oGOSN0oQfyNtPDjrDpanS4ACClJ3gZB1Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 96B8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL6p7lBnv-ioPUfhWKBM7bQ&google_cver=1&google_push=ATf1kGMDVrn5laXQkSVvQTPaM0szTzVaNioBnkU29O-jFNJCZGE75pAVaisiC4jW74TQyDTb5u46bbF79T_JsP5q...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMDVrn5laXQkSVvQTPaM0szTzVaNioBnkU29O-jFNJCZGE75pAVaisiC4jW74TQyDTb5u46bbF79T_JsP5qrVHrb4swnlTWzw

170 B
232 B

39ms
38ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMDVrn5laXQkSVvQTPaM0szTzVaNioBnkU29O-jFNJCZGE75pAVaisiC4jW74TQyDTb5u46bbF79T_JsP5qrVHrb4swnlTWzw

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 13 May 2023 15:14:10 GMT
Server: MT3 851 9bd98ae master iad-pixel-x2 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMDVrn5laXQkSVvQTPaM0szTzVaNioBnkU29O-jFNJCZGE75pAVaisiC4jW74TQyDTb5u46bbF79T_JsP5qrVHrb4swnlTWzw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 May 2023 15:14:09 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 96B8
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEK_1Gu_kQuZp30OKWBLNsCY&google_cver=1&google_push=ATf1kGMiYMPL42SsYnibnAcJxHe_5P-p2y3Z-yz5Hq6MzCDdBe_s4wzm2t_-dV-wgMXhXChlo1_4N5w02XRpES41q4s2Oma9EzPo
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REJGM0MxNjY2NjFGQ0NFMg==

170 B
232 B

39ms
38ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REJGM0MxNjY2NjFGQ0NFMg==

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REJGM0MxNjY2NjFGQ0NFMg==
date: Sat, 13 May 2023 15:14:10 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 96B8 43 B
363 B 305ms
10ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMi8LWqtWybZjoPF74QJjk8&google_cver=1&google_push=ATf1kGNHnX5IWD2octzU1e1Rx9Q24Gu8qnY_YFJdzwt0dXVBFraQoraNehlox-bg-Edv0SkOh7nUyyBuSVXBbTKd7s9pFrw0K7tITQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:10 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 457291
expires: Sat, 13 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 96B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIm9Lpk7339VdeQj7i2NbiA&google_cver=1&google_push=ATf1kGO4puVA-zioPnXOmddBPNtYKS9oomVsYZ4S_fhL6W82kuG856YGNxWQca_ZnxGBOpGKznY...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhNNE84UUwtQi1LVlQx&google_push=ATf1kGO4puVA-zioPnXOmddBPNtYKS9oomVsYZ4S_fhL6W82kuG856YGNxWQca_ZnxGBOpGKznYW6ZpR7y7REu2GeqVaz5ALOKkmcw

170 B
188 B

41ms
39ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhNNE84UUwtQi1LVlQx&google_push=ATf1kGO4puVA-zioPnXOmddBPNtYKS9oomVsYZ4S_fhL6W82kuG856YGNxWQca_ZnxGBOpGKznYW6ZpR7y7REu2GeqVaz5ALOKkmcw

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhNNE84UUwtQi1LVlQx&google_push=ATf1kGO4puVA-zioPnXOmddBPNtYKS9oomVsYZ4S_fhL6W82kuG856YGNxWQca_ZnxGBOpGKznYW6ZpR7y7REu2GeqVaz5ALOKkmcw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 382e2818ca015d35b02cd449aa60881d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 96B8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_hm=ZF-pQm3cLI4nbNNJbQVZvAAADc4AAAIB&google_nid=index&google_push=ATf1kGO5BWE9LsvdgCqpjD3F59UjIpsaCZlza...

170 B
188 B

43ms
42ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_hm=ZF-pQm3cLI4nbNNJbQVZvAAADc4AAAIB&google_nid=index&google_push=ATf1kGO5BWE9LsvdgCqpjD3F59UjIpsaCZlzaYnyiAyHyn2pta_QzfCMZtGTEX5fRgjGfFwAnf0rYBeDNmMQuYQNbhpkTxIwePwJiQ

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 May 2023 15:14:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_hm=ZF-pQm3cLI4nbNNJbQVZvAAADc4AAAIB&google_nid=index&google_push=ATf1kGO5BWE9LsvdgCqpjD3F59UjIpsaCZlzaYnyiAyHyn2pta_QzfCMZtGTEX5fRgjGfFwAnf0rYBeDNmMQuYQNbhpkTxIwePwJiQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 96B8
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELxokedZQ779BgMtQk8Pkfg&google_cver=1&google_push=ATf1kGMJfIU6n44s_-mtBa1lxIm9El4O4GjxztoN_9U6k9lKBdn1DjCBy2WPSRWO4o...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGMJfIU6n44s_-mtBa1lxIm9El4O4GjxztoN_9U6k9lKBdn1DjCBy2WPSRWO4oF9lf57Y7MlJX2M91HybRvlRf4ixddt7S67ryU&google_hm=...

170 B
232 B

55ms
55ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGMJfIU6n44s_-mtBa1lxIm9El4O4GjxztoN_9U6k9lKBdn1DjCBy2WPSRWO4oF9lf57Y7MlJX2M91HybRvlRf4ixddt7S67ryU&google_hm=OJVlIQ1wRZ-J_wm1oPciaoU

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGMJfIU6n44s_-mtBa1lxIm9El4O4GjxztoN_9U6k9lKBdn1DjCBy2WPSRWO4oF9lf57Y7MlJX2M91HybRvlRf4ixddt7S67ryU&google_hm=OJVlIQ1wRZ-J_wm1oPciaoU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 96B8
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEKe_7quhQPnLwbBrXu2F5-4&google_cver=1&google_push=ATf1kGMo8lrQugUrZVA43EdOmnzj2HwUlla4Q8sT7TajdWE9w9dFaZnp_rxS_hdJHOeCWwd9QBHgqHRCPsq23meWeqxJmSTB0...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMo8lrQugUrZVA43EdOmnzj2HwUlla4Q8sT7TajdWE9w9dFaZnp_rxS_hdJHOeCWwd9QBHgqHRCPsq23meWeqxJmSTB088Qjw&google_hm=4cb73c118a3d...

170 B
232 B

45ms
44ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMo8lrQugUrZVA43EdOmnzj2HwUlla4Q8sT7TajdWE9w9dFaZnp_rxS_hdJHOeCWwd9QBHgqHRCPsq23meWeqxJmSTB088Qjw&google_hm=4cb73c118a3d6c463ff1325ed5586dc9

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGMo8lrQugUrZVA43EdOmnzj2HwUlla4Q8sT7TajdWE9w9dFaZnp_rxS_hdJHOeCWwd9QBHgqHRCPsq23meWeqxJmSTB088Qjw&google_hm=4cb73c118a3d6c463ff1325ed5586dc9
date: Sat, 13 May 2023 15:14:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 96B8 0
49 B 379ms
38ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0kW4MiVcxTUX4jIQinT3l3cPmZ1muVB8NvCszQezFboapVHiAkEKFNaLs4SQjkSoiReD-wEA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1920
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1&google_push=ATf1kGOnhiNGVPvqEj4x0hg2j5HdjWhTOLz4KmNvIC15y1AMPEPymzOfK-WFfFHOYFgYobbgUWOKT7aprM49oM-_ArIJFqEhPdD1d...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDEyODI4MTgzNDIxMzg1ODUwNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1

43 B
398 B

254ms
27ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBvH_AOONJ2gd_IEHtHy8pY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1920
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMOzreMsE5usiZiDlFrd4QE&google_cver=1&google_push=ATf1kGNiEGj44cqaeuGTk-_f7f2rdMQcI1nBSXrSYimB48Zbzt7FBwYL9-N0sqS8SpDjX2T1OhzUosk...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEMOzreMsE5usiZiDlFrd4QE&google_cver=1&google_push=ATf1kGNiEGj44cqaeuGTk-_f7f2rdMQcI1nBSXrSYimB48Zbzt7FBwYL9-N0sqS8SpDjX...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=vjVsOd24Q9KGENoNSkJ4GmRfqUI

170 B
188 B

45ms
43ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=vjVsOd24Q9KGENoNSkJ4GmRfqUI

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:10 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=vjVsOd24Q9KGENoNSkJ4GmRfqUI
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1920
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESECXriyf9acmQ29bl8BdPkFg&c_param1=ATf1kGMm16yT-41SiShYhgSyV968hQVgho0EKUXqlzEWWRQej4FigxTXOY-a7OahpQAgwrdKeNt8pZj4GWt-bzHYid-JkIKgNjBFVlNag9lGuL6ge8S...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMm16yT-41SiShYhgSyV968hQVgho0EKUXqlzEWWRQej4FigxTXOY-a7OahpQAgwrdKeNt8pZj4GWt-bzHYid-JkIKgNjBFVlNag9lGuL6ge8SBMUTgewdrRxW938w1G...

170 B
232 B

48ms
38ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMm16yT-41SiShYhgSyV968hQVgho0EKUXqlzEWWRQej4FigxTXOY-a7OahpQAgwrdKeNt8pZj4GWt-bzHYid-JkIKgNjBFVlNag9lGuL6ge8SBMUTgewdrRxW938w1GzkuINoY9UKJKROjulDkJvpE308

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMm16yT-41SiShYhgSyV968hQVgho0EKUXqlzEWWRQej4FigxTXOY-a7OahpQAgwrdKeNt8pZj4GWt-bzHYid-JkIKgNjBFVlNag9lGuL6ge8SBMUTgewdrRxW938w1GzkuINoY9UKJKROjulDkJvpE308
date: Sat, 13 May 2023 15:14:10 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1920
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OgSLlChVR0aRb5ekvEoNDQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
43ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OgSLlChVR0aRb5ekvEoNDQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOpSAuNwQI8SzQbGqyB8foh6nMyWcbJ_X_a4pVh6CyjgPKLnnM5L6L5o6KKQjcum6khO8DaO6XTGCT80Km5RjlDd-lUgZmRMZdY_T1rPRtacgseAEoAn3rFNIv23K6Wb7yqFf8yN1pSsFeqdo6zX5ewcXY

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OgSLlChVR0aRb5ekvEoNDQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOpSAuNwQI8SzQbGqyB8foh6nMyWcbJ_X_a4pVh6CyjgPKLnnM5L6L5o6KKQjcum6khO8DaO6XTGCT80Km5RjlDd-lUgZmRMZdY_T1rPRtacgseAEoAn3rFNIv23K6Wb7yqFf8yN1pSsFeqdo6zX5ewcXY
date: Sat, 13 May 2023 15:14:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1920
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_hm=ZF-pQm3cLI4nbNNJbQVZvAAADc4AAAIB&google_nid=index&google_push=ATf1kGOTumYHnCwKIgdWlW14oWoMBwvfwWwwv...

170 B
188 B

45ms
44ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_hm=ZF-pQm3cLI4nbNNJbQVZvAAADc4AAAIB&google_nid=index&google_push=ATf1kGOTumYHnCwKIgdWlW14oWoMBwvfwWwwvJEKRFvo7UTgojA34geFiAdBBG9FcVo-8B6G6njzquyejzspktsv3JE1B4t0nQQ3vb_-YlqPROJKna8u1_Oo_ovslzbV7icbQ0RGY6IH-We5UZ4FgipWMp_zs98

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 May 2023 15:14:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKJtFQIijJcLPr0BzXDZMd8&google_hm=ZF-pQm3cLI4nbNNJbQVZvAAADc4AAAIB&google_nid=index&google_push=ATf1kGOTumYHnCwKIgdWlW14oWoMBwvfwWwwvJEKRFvo7UTgojA34geFiAdBBG9FcVo-8B6G6njzquyejzspktsv3JE1B4t0nQQ3vb_-YlqPROJKna8u1_Oo_ovslzbV7icbQ0RGY6IH-We5UZ4FgipWMp_zs98
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 1920
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEGNr8mshIbx6pafa1jomPb0?ext-param=ATf1kGPF8XroXJzVspea0BJJkb1P7PiWYbEsFWdLue7qKy5y6-FZfSFijj5HtPvlgykkTeMvbQGhjCkk9_h-nnkNPNbxiu_601vnS1bRWVKBaZcd5bgaZvxo9vE-...
https://an.yandex.ru/mapuid/google/CAESEGNr8mshIbx6pafa1jomPb0?redir-setuniq=1&ext-param=ATf1kGPF8XroXJzVspea0BJJkb1P7PiWYbEsFWdLue7qKy5y6-FZfSFijj5HtPvlgykkTeMvbQGhjCkk9_h-nnkNPNbxiu_601vnS1bRWVKB...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGNr8mshIbx6pafa1jomPb0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

121ms
119ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Apr 2024 15:14:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 1920
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOxVvdf2iOq82Pxrn3YxXDU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjQwNGU5ZmItOTBmNC00MzhmLWI1NTAtZmE2ODU1NmI1NDY5&google_push=ATf1kGNNIeLdwzppQvBcZP0b_4wev2kRRvxxMSx_69y0ZuuUkc3wktqNqNpSpjZ8PH6Vy...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

19ms
16ms

Image
image/gif

23.192.30.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.192.30.145 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-30-145.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Sat, 13 May 2023 15:14:11 GMT
pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1920 0
40 B 341ms
39ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L15qgfOk5lJp323R6C5W0fEMA6K9Bv9DKa7o2tFzN_jMqdVfk71pr7QT60fALLoUlKb8pWuKU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BAF 37 KB
14 KB 13ms
12ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C39 37 KB
14 KB 16ms
16ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=688409093&pi=t.aa~a.3600466503~i.35~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280&nras=5&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=2TmABGFdJa&p=https%3A//timebusinessnews.com&dtd=96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C0F 37 KB
14 KB 17ms
17ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=2526533703&pi=t.aa~a.3600466503~i.13~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=1&bdt=3181&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280&nras=4&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2Ki9fIRJX&p=https%3A//timebusinessnews.com&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8082
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIoYo_uaXpAMCZ8b9hKmPOo&google_cver=1&google_push=ATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIoYo_uaXpAMCZ8b9hKmPOo&google_cver=1&google_push=ATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rL...

43 B
425 B

95ms
84ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIoYo_uaXpAMCZ8b9hKmPOo&google_cver=1&google_push=ATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2mw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2mw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c6bd983edf942b8-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 17
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIoYo_uaXpAMCZ8b9hKmPOo&google_cver=1&google_push=ATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2mw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGN4MkzUH6T8X4AzQaUrHQlXP_hv8pingpdhilQCj8RNim9VIuKw0GA_vSjHtvv4OM85cqhBKNH40JWzcrbIz9lTdKeH7rLz2mw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c6bd9826ca442b8-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8082
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEDhxPch29ZJDp5ZyUrxrFik&google_cver=1&google_push=ATf1kGPghvIxxpUx6n57cqg-K1utHkyOQpQAxPM8zdwW7JUqj4V7sXcrsPr_B-X80Qcbxe5GF2lDs8Hl_zgTNsko19_fzBaJufs7yw
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGPghvIxxpUx6n57cqg-K1utHkyOQpQAxPM8zdwW7JUqj4V7sXcrsPr_B-X80Qcbxe5GF2lDs8Hl_zgTNsko19_fzBaJufs7yw&google_hm=UjMzNjQ1XzEwMj...

170 B
232 B

43ms
42ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGPghvIxxpUx6n57cqg-K1utHkyOQpQAxPM8zdwW7JUqj4V7sXcrsPr_B-X80Qcbxe5GF2lDs8Hl_zgTNsko19_fzBaJufs7yw&google_hm=UjMzNjQ1XzEwMjlDRTFGNV8yRjFDNzA5NA%3D%3D

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGPghvIxxpUx6n57cqg-K1utHkyOQpQAxPM8zdwW7JUqj4V7sXcrsPr_B-X80Qcbxe5GF2lDs8Hl_zgTNsko19_fzBaJufs7yw&google_hm=UjMzNjQ1XzEwMjlDRTFGNV8yRjFDNzA5NA%3D%3D
Date: Sat, 13 May 2023 15:14:10 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-366995635; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 348
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8082
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPF1-Fpqe1ZrkdGagPp4FbM&google_cver=1&google_push=ATf1kGN7vyW4MJTH2eq7vge_WIZnbxboYg32P77YsvFc8F_kVPTjXe80T1K85lPHgLUxSfz857zzR...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGN7vyW4MJTH2eq7vge_WIZnbxboYg32P77YsvFc8F_kVPTjXe80T1K85lPHgLUxSfz857zzRPofIKyZitmiGmf-vhSynjP38eY

170 B
232 B

51ms
41ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGN7vyW4MJTH2eq7vge_WIZnbxboYg32P77YsvFc8F_kVPTjXe80T1K85lPHgLUxSfz857zzRPofIKyZitmiGmf-vhSynjP38eY

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 13 May 2023 15:14:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 64A8AE4DC33B4C7F989294F8C16B1DEE Ref B: EWR30EDGE0412 Ref C: 2023-05-13T15:14:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGN7vyW4MJTH2eq7vge_WIZnbxboYg32P77YsvFc8F_kVPTjXe80T1K85lPHgLUxSfz857zzRPofIKyZitmiGmf-vhSynjP38eY
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7lKx59PLW/ANFDVMASg==

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8082 0
173 B 192ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEF8TjwgGzKfrfORhF4R_MEg&google_cver=1&google_push=ATf1kGP8bqL_cTcTKuEi30mmgs6J1KA14ZAkvYdjkbxzFvP9Mf64IoPAFYSfmDmBsVJX7mqeiVcJfS3PgH0O1SYH5MRCifz7FaCIlwc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8082
Redirect Chain

https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEFu2c6gvMOKKXwsbNDikSDM&google_cver=1&google_push=ATf1kGOj3TU9vvsCat2R_6FbN_taOW_tklwNhBdFIIfqz6i3tUVtNifizbsWfqLgTvKf7-cIxnU7C81zUc4i...
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=ATf1kGOj3TU9vvsCat2R_6FbN_taOW_tklwNhBdFIIfqz6i3tUVtNifizbsWfqLgTvKf7-cIxnU7C81zUc4iXl8dsB9ZH5Ui--yQhLU

170 B
232 B

39ms
38ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=ATf1kGOj3TU9vvsCat2R_6FbN_taOW_tklwNhBdFIIfqz6i3tUVtNifizbsWfqLgTvKf7-cIxnU7C81zUc4iXl8dsB9ZH5Ui--yQhLU

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 May 2023 15:14:10 GMT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=ATf1kGOj3TU9vvsCat2R_6FbN_taOW_tklwNhBdFIIfqz6i3tUVtNifizbsWfqLgTvKf7-cIxnU7C81zUc4iXl8dsB9ZH5Ui--yQhLU
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 197
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8082
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDyLXSWO4H98D1q8rni4ONQ&google_cver=1&google_push=ATf1kGMslG2fLyNc98ZB04972ktFOXf0bM4-ZvaWS_IOIokfzKtUloznAQ-SDZ3BSKpLYjgjRT3jet3IU-vl_...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDyLXSWO4H98D1q8rni4ONQ&google_push=ATf1kGMslG2fLyNc98ZB04972ktFOXf0bM4-ZvaWS_IOIokfzKtUloznAQ-SDZ3BSKpLYjgjRT3jet3IU-vl_...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMslG2fLyNc98ZB04972ktFOXf0bM4-ZvaWS_IOIokfzKtUloznAQ-SDZ3BSKpLYjgjRT3jet3IU-vl_RX4iQKUzPbw_eHleUQ&google_hm=dmZfQ3pTVE4xTkoxM...

170 B
188 B

39ms
37ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMslG2fLyNc98ZB04972ktFOXf0bM4-ZvaWS_IOIokfzKtUloznAQ-SDZ3BSKpLYjgjRT3jet3IU-vl_RX4iQKUzPbw_eHleUQ&google_hm=dmZfQ3pTVE4xTkoxMmJCYVJqbF8=

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 May 2023 15:14:11 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMslG2fLyNc98ZB04972ktFOXf0bM4-ZvaWS_IOIokfzKtUloznAQ-SDZ3BSKpLYjgjRT3jet3IU-vl_RX4iQKUzPbw_eHleUQ&google_hm=dmZfQ3pTVE4xTkoxMmJCYVJqbF8=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 239
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8082
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEBpe6sphWILyuYb6cNhi2Bk&google_cver=1&google_push=ATf1kGMemBNNT1wQoHdBKhD2VzDEErTi--3HW0EtYPW8Z2q1nSYPs0hSE0oWl5vFC6ElJMtfnCrD...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEBpe6sphWILyuYb6cNhi2Bk&google_cver=1&google_push=ATf1kGMemBNNT1wQoHdBKhD2VzDEErTi--3HW0EtYPW8Z2q1nSYPs0hSE0oWl5vFC6ElJM...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=BkB6_zb5TNu2If4y5APjHQ==&no_redirect=1&google_push=ATf1kGMemBNNT1wQoHdBKhD2VzDEErTi--3HW0EtYPW8Z2q1nSYPs0...

170 B
188 B

44ms
42ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=BkB6_zb5TNu2If4y5APjHQ==&no_redirect=1&google_push=ATf1kGMemBNNT1wQoHdBKhD2VzDEErTi--3HW0EtYPW8Z2q1nSYPs0hSE0oWl5vFC6ElJMtfnCrD3Hxyn6Ii99fdaudVZTZk5n0xxbyi

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=BkB6_zb5TNu2If4y5APjHQ==&no_redirect=1&google_push=ATf1kGMemBNNT1wQoHdBKhD2VzDEErTi--3HW0EtYPW8Z2q1nSYPs0hSE0oWl5vFC6ElJMtfnCrD3Hxyn6Ii99fdaudVZTZk5n0xxbyi
date: Sat, 13 May 2023 15:14:11 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8082 0
40 B 268ms
40ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjJEES3pPZGiEb4DrETpNWJ5wWvfqWfaGeMj6L45IsQ0yFyFpk3ekkSPdjW9d_dp8_0RzGSA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 92ms
52ms XHR
application/json 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3110e154fe533506f7cf501ed12235d367d60850d1df1e75e4f236e2a2e90e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11285
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC70 42 B
174 B 110ms
81ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-NgUtHNNAoReEvWmpJsaRdQrK7nkRAADrq3jXH9ZIPCPEj0xC22GgsGbnCoN4zkeOeZCB6p2Cqj9-K6pghY75FVvcZLdWVGdaGk4CpIgcohZ-HzquimTLqbcp2ghp8LVnits&sai=AMfl-YShtxW35zocnSX8l79JDBem-yoH01dAn7f4zYWwFAT7QLOZcQGNtiZffdCnX6-DTOw80Lc7H9MvEcsD&sig=Cg0ArKJSzAA-rXIM14-qEAE&cid=CAQSGwBygQiD8l1u3ONGnbsTQTuNDCKddCffKINOQhgB&id=lidar2&mcvt=1053&p=0,0,600,160&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683990848259&rpt=796&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1446 37 KB
14 KB 14ms
12ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3745060078&adf=3938740673&pi=t.aa~a.3600466503~i.55~rp.4&w=770&fwrn=4&fwrnh=100&lmt=1683888173&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7955184683&ad_type=text_image&format=770x280&url=https%3A%2F%2Ftimebusinessnews.com%2Fzara-larsson-bitcoin-code-erfaringer-2023-svindel-eller-legitim%2F&fwr=0&pra=3&rh=193&rw=770&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683990848007&bpp=3&bdt=3182&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a4238a0003be51d-228106c49edf0026%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ&gpic=UID%3D00000bf3341490b3%3AT%3D1683990846%3ART%3D1683990846%3AS%3DALNI_MZva1QIcfjLZHMLYBo68ch043f1cw&prev_fmts=0x0%2C1200x280%2C770x280%2C770x280%2C770x280&nras=6&correlator=3500262067733&frm=20&pv=1&ga_vid=1653978787.1683990846&ga_sid=1683990846&ga_hid=2098427912&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071755%2C31074198%2C31074468%2C44785293%2C44788441%2C44792089&oid=2&pvsid=4404723886216441&tmod=2030622432&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=O7eOpJ6d7F&p=https%3A//timebusinessnews.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0A6F 0
54 B 115ms
114ms Ping
image/gif 142.250.74.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhm4o6ys&c=3483193778641&slotId=1741596889320.5&qqid=CJvK3eHK8v4CFYbX4wcdQpUApA&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a174bc86ea41e2de18803eb20b910c3d.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: arn09s21-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 15:14:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
58ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 May 2023 15:14:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C615 13 KB
5 KB 26ms
12ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 77520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 17:42:11 GMT
expires: Sat, 11 May 2024 17:42:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E35 783 B
534 B 55ms
41ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1af75815b2b7e110cabd0fcf300a9474c06387f4f1e7178699810fcca84e994a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FT3r-3_sHMg0pPd5S_hJDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://timebusinessnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-FT3r-3_sHMg0pPd5S_hJDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 15:14:11 GMT
expires: Sat, 13 May 2023 15:14:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame C615 37 KB
15 KB 20ms
12ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 17:42:10 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E35 0
0 46ms
44ms Image
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=4404723886216441&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C615 0
10 B 12ms
12ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E9nP0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:14:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
67ms Image
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=4404723886216441&bg=!z8ylzJjNAAYldGN0BXQ7ADkAdvg8Wp6B0HUmXmfOWVKeKel0GcCZLxwvEivTwbkmU2QOakhYuIfNypKoYLxxHPNSL7AfR6KBIcwCAAAAzlIAAAAKaAEHCgDVAWUAq-2YQZDXjloxldaTKgjcoOZW_VXTNST837uhbIhkb0Bmj9rvv_dE1vPDNGBm8_0SHBx02G2_aOSdE6hLBlHTgqpoRaQuF2lNHBjYrVUD_iYixaMcXXXvOa-hZu0jsTZIzF6CBbuQldY08NaOk7SIYFc4vdV5Bp_QshcL1Vp3-Gny2BnVYCZkpzrgdw8k1Ha4TlGLOSWwvw4eSJkB75MdXJ5xOTjsvQforzb7p2ivrZwBhyQV1I8UmV-31ad3AFGQIQhMrXAHKlUE1eiWts8A3gDumQKhTUwylV-d6b8v9KupS8wXVl0HNWnGRefdYSHqen_iRqd6wTzA6oxL9PPUw0X9AyQqbHADK5Ew5IWa230yO63rHtQYkIyH2eciPoERrs2wSP2HruvTDDRVANKR9qwOvzltoW0UxYKsWgQAhxTWvkEhxWaGEqzkoMcSE2V7GIyVec7Tg2D2C_1T-wWBhpX1X1zvYJ15_Mg3NAkZLtTQNUs5kH9bUsXDGOQnkYB50IWlVj5JiKFA2j9YQceVfyYKpz9MlqjlE_q8C4gyDAinwcNUKjetc84fvBc_vZRkj2mdT02NcYxcxaaIAUY509i4HePLigEJ76bsdkMFr-g9wjgKUw_4d9CeCsKe5n0QWtG8V-i3xjWQjD_Hvh-vAYQtwFrMfpdUX3PACBDYhIUFXmyBdcTK0wjKRRSm02TS-DowBidS_-B1zCBUNmTypx32m88JmyJvgqOmZek8vGjC4dQbjL0_I2-nItQWZm33OLFZIzn_t1hdfocTi-0-UzCYPCgLKs83caDfKwzsaMo1aKCOa6wTZv_xDD9bBl9TF6WZIOdLeir3rmCpE5-qioKpb2e8LaBLb7C0ZpQN6-2kla78Sd93ql1bTQKCZKul4D1yFmZ9cWNrJODzgZRNBa_4mlXAjNbpTKXgcTUAhsUNb2rWb6y_2HWZ6hbJOgPlHMzf8hCfmdKJAEOA5JUbL3IpVr-_R1HYOoYIUpBrvGYqKE9GRoXR04U0K1hpVVtOKqiJRadw0sL9qHz31R3Lv7WguYoTwM3QSTL_9ZjyCiKz5hezemXnkFIjaM3RSg5lWyRDhdNNeX64RV05Obkz6EAeroh3JWugoshm3_tR7kjenVqyplbLbl21tRbpNwvC0mvmltPZ2wBZII-QpI2NklPWLpMMfw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://timebusinessnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.timebusinessnews.com/	1970-01-20 21:22:30	Name: _ga_46K0RZPMQK Value: GS1.1.1683990845.1.0.1683990845.0.0.0
.timebusinessnews.com/	1970-01-20 21:22:30	Name: _ga Value: GA1.2.1653978787.1683990846
.timebusinessnews.com/	1970-01-20 11:47:57	Name: _gid Value: GA1.2.1100090363.1683990846
.timebusinessnews.com/	1970-01-20 11:46:30	Name: _gat_gtag_UA_181915405_1 Value: 1
.timebusinessnews.com/	1970-01-20 21:08:06	Name: __gads Value: ID=7a4238a0003be51d-228106c49edf0026:T=1683990846:RT=1683990846:S=ALNI_Mbxyh8so-_8_5L930VywcmkfgloPQ
.timebusinessnews.com/	1970-01-20 21:08:06	Name: __gpi Value: UID=00000bf3341490b3:T=1683990846:RT=1683990846:S=ALNI_MZva1QIcfjLZHMLYBo68ch043f1cw
m.stripe.com/	1970-01-20 21:22:30	Name: m Value: 89789f52-27fb-42f6-af16-be73e01737426793ee
.timebusinessnews.com/	1970-01-20 20:32:06	Name: __stripe_mid Value: 96ea0298-491b-4690-b29c-c405b6802722b3d468
.timebusinessnews.com/	1970-01-20 11:46:32	Name: __stripe_sid Value: 47131e58-92c5-4565-97a0-742e71d51fdd2afc4e
.doubleclick.net/	1970-01-20 21:22:30	Name: IDE Value: AHWqTUlb-ZfVnRbQpy8NVv4shTiJI--YASD7Wr0uSCAOfwZqiv8TWAUavL7sJQbUt7Y
.doubleclick.net/	1970-01-20 11:46:34	Name: DSID Value: NO_DATA
.adingo.jp/	1970-01-20 12:29:42	Name: ID Value: bc616292a1a6e6c4a3aefdcccdbbc5e7
.blismedia.com/	1970-01-20 20:32:10	Name: b Value: 645FA942D1AA19E5FC235166BLIS
.mathtag.com/	1970-01-20 21:12:26	Name: uuid Value: abc5645f-a943-4900-94c4-5a64eb4d44e0
.mathtag.com/	1970-01-20 12:29:42	Name: mt_mop Value: 4:1683990851
.mxptint.net/	1970-01-20 21:22:30	Name: mxpim Value: R33645_1029CE1F5_2F1C7094.1.645FA942
.pubmatic.com/	1970-01-20 11:47:57	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 20:32:06	Name: CMID Value: ZF.pQm3cLI4nbNNJbQVZvAAA
.casalemedia.com/	1970-01-20 13:56:06	Name: CMPS Value: 3534
.casalemedia.com/	1970-01-20 13:56:06	Name: CMPRO Value: 3534
.dotomi.com/	1970-01-20 11:46:30	Name: DotomiTest Value: 6d5335f06a052300
fksnk.com/	1970-01-20 11:56:35	Name: AWSALBCORS Value: CgyiG5dbunrwVgQ8l7oCVW6uysCRj5PesN2QWEYhB6Fv3p6gqOQg1NgX13zp7+58erc8qUUIu6KIs2Igj5guKf1cpWHgCK/p75BHUDaivTVlz9tlmM5IBR50tL6C
.fksnk.com/	1970-01-20 13:56:06	Name: f_001 Value: DBF3C166661FCCE2
.fksnk.com/	1970-01-20 11:47:57	Name: g_001 Value: 1
.mediago.io/	1970-01-20 20:32:06	Name: __mguid_ Value: 4cb73c118a3d6c463ff1325ed5586dc9
.sitescout.com/	1970-01-20 20:32:06	Name: ssi Value: be356c39-ddb8-43d2-8610-da0d4a42781a#1683990850951
.turn.com/	1970-01-20 16:05:42	Name: uid Value: 4128281834213858504
.teads.tv/	1970-01-20 20:30:40	Name: tt_viewer Value: 2404e9fb-90f4-438f-b550-fa68556b5469
.ctnsnet.com/	1970-01-20 20:32:06	Name: gid_CAESELxokedZQ779BgMtQk8Pkfg Value: 1
.ctnsnet.com/	1970-01-20 20:32:06	Name: cid_389565210d70459f89ff09b5a0f7226a Value: 1
.mfadsrvr.com/	1970-01-20 21:22:30	Name: tuuid Value: 06407aff-36f9-4cdb-b621-fe32e403e31d
.mfadsrvr.com/	1970-01-20 21:22:30	Name: c Value: 1683990850
.zemanta.com/	1970-01-20 20:32:06	Name: zuid Value: vf_CzSTN1NJ12bBaRjl_
.linkedin.com/	1970-01-20 20:32:06	Name: bcookie Value: "v=2&95df865a-bbdb-466f-8f14-315e95737e4b"
.linkedin.com/	1970-01-20 11:47:57	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3013:u=1:x=1:i=1683990850:t=1684077250:v=2:sig=AQFZAtDMS3RJbhBMTyY36N84dZid6pAC"
.uuidksinc.net/	1970-01-20 20:32:06	Name: jcsuuid Value: iH8tiSdZEa6tgs9K5QSu
.yandex.ru/	1970-01-20 21:22:30	Name: yuidss Value: 8683776221683990851
.yandex.ru/	1970-01-20 21:22:30	Name: yandexuid Value: 8683776221683990851
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129XaNTM0NsKgKK0qqcCkMyw0rNHCO8gQAmiSp8h4AAAA
.rfihub.com/	1970-01-20 21:08:06	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129XaNTM0NsKgKK0qqcCkMyw0rNHCO8gziNTSzMLa0NLAwNTQwNHrFiMI3BgBs4TBAPQAAAA
.rfihub.com/	1970-01-20 21:08:06	Name: rud Value: H4sIAAAAAAAA_-MStjC0NDIwMDUwMjS0NDM3tzQxNBDiM9R1TAwt8rf09Q0tsLAEAIr9hP8lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MStjC0NDIwMDUwMjS0NDM3tzQxNBDiM9R1TAwt8rf09Q0tsLAEAIr9hP8lAAAA
.pubmatic.com/	1970-01-20 20:32:06	Name: KADUSERCOOKIE Value: 3A048B94-2855-4746-916F-97A4BC4A0D0D
.sitescout.com/	1970-01-20 12:29:42	Name: _ssuma Value: e30
.mfadsrvr.com/	1970-01-20 21:22:30	Name: tuuid_lu Value: 1683990851
.mfadsrvr.com/	1970-01-20 21:22:30	Name: ssh Value: !google,1683990851
.tribalfusion.com/	1970-01-20 13:56:06	Name: ANON_ID Value: amnsIHy4ZawFBA9MAJPnkZdGAQ7s5OyQA9KZaPduV7EOByZaFTuHhkOqreZbDMIBfB7AVB8ua5N0Gfrf0UcYWvgXyHnnm

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bitcoinclevercanadareview.com/wp-content/uploads/2023/02/2R-300x149.png Message: Failed to load resource: the server responded with a status of 415 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://bitcoinclevercanadareview.com/wp-content/uploads/2022/10/dollars-300x225.jpg Message: Failed to load resource: the server responded with a status of 415 ()
network	error	URL: https://bitcoinclevercanadareview.com/wp-content/uploads/2023/02/1Y-300x300.webp Message: Failed to load resource: the server responded with a status of 415 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271802&client=ca-pub-7554934826467559&fa=2&ifi=13&uci=a!d&btvi=7&xpc=CO5NaGlkNu&p=https%3A//timebusinessnews.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
ad.turn.com
adservice.google.com
aep.mxptint.net
an.yandex.ru
b1sync.zemanta.com
bitcoinclevercanadareview.com
cc.adingo.jp
checkout.stripe.com
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
earnmoneycrypt.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i1.ytimg.com
image6.pubmatic.com
ius.ctnsnet.com
js.stripe.com
m.stripe.com
m.stripe.network
node-10.zeno.fm
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
px.ads.linkedin.com
q.stripe.com
r.turn.com
rr5---sn-ab5sznze.googlevideo.com
rtb.mfadsrvr.com
s.tribalfusion.com
s.uuidksinc.net
s.w.org
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stream-034.zeno.fm
sync.extend.tv
sync.mathtag.com
sync.teads.tv
timebusinessnews.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
139.162.141.183
142.250.74.3
142.251.16.157
142.251.41.3
15.235.14.140
151.101.64.176
158.69.60.171
172.217.13.130
172.217.13.138
172.217.13.142
172.217.13.162
172.217.13.168
172.217.13.174
172.217.13.193
172.217.13.194
172.217.13.195
172.217.13.196
172.217.13.98
192.0.77.48
192.124.249.3
192.40.39.223
199.38.167.131
207.198.113.86
23.192.30.145
2606:4700::6812:18ad
2606:ae80:1451:11::2040
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2620:112:f002:bbbb::21
2620:1ec:21::14
2a02:6b8::90
3.224.179.135
3.234.173.148
31.220.27.135
34.236.164.132
34.96.105.8
35.186.193.173
35.207.24.140
35.208.249.213
38.98.69.175
44.226.104.41
5.45.70.122
50.31.142.63
54.187.119.242
69.173.151.100
74.119.119.150
74.121.140.211
74.125.172.202
8.28.7.81
0004a68f02d2b5c9f0d71d2e7e1be0c097a6ee4b3124a9af82a287f4252a3a0d
018a0e998aad724f04245028a7e006e29c2173d747de8690e7a4a301955788a8
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
024739417ce84497039db4512af1f70ee03ba45e429d8967e8535c0231cbed4d
03382ac2fd7fe0d58ae2f81964b332bd34dfc9cc5145a10e61cb5e776aef5e2b
072f0c64dae4905a6519fee8e36fd72519c17367346bc565d240f37a9599cee7
07a3a331e53f400def66fda9b7da32114dd2a87cfc53ba254da390db3ca67466
08ff25d092cc6ea493ad5c92c22e6f4a6aec3e33d5e456cf93288b338c4b7372
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0cdf8f2189f24a7ae0e8bca5b13754bbc9e37fdd3cea5fe3728da9ba36ac2b79
1155981e8193622f58553eed0bba2fa43512af362a3d54dedef64c46970bb371
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
12c07c825a015b802414575bad03c82ead3dd7eccf98d10d529a5493b569c21b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a9ed50d9775025a3cf6ed71efefc6ddabadd41252352c5bf88a1888b803cb05
1af75815b2b7e110cabd0fcf300a9474c06387f4f1e7178699810fcca84e994a
1cf40205f47ace53e8f890071319e93de05cce0ff042bada6b01acd06969cabc
1d7666209fd78007af6f00e6183895d519ddfc041df9b609274ea6f35e8ea3e3
1effdafaa2ff6aee903b0691f9202aed909b2dca695867c551cb486be70984c8
1f217827bc4ca35bbd1249218ca6abc882584dddfaf75b02480968c1fa71cff8
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2386ccedd4a14a34d3fa37fa8904e7b2ef09c18f73eeaea3f81a047579cca872
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
29880e4a092f2b2db1d619d9a468eade9850d07f3a867215f455cc972bc28db9
2a01877bd9c1d21dc481c4d5e7f4a3bdb89f1747b19a0683d3568dbc926d5043
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3023c1c85c9215334a37d941fbea1e8bf0ad7df61d126cc3d8654ee7854d0e23
3110e154fe533506f7cf501ed12235d367d60850d1df1e75e4f236e2a2e90e1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319f4bf962a67269c510dda875088e081b63f5bec15049c2c545e9e9fe49c87b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
357201dedf46672163a0b8694cb297c5351c6d25402c76b625b3c9ae7305b0e0
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3af2a681c2bad1ac5cb5e28212f14510265f0f27059c62be78ecec567706e7ef
3c4ded5da410516963ce4abaf335f688fa257f1ff93c9ecf034fc715c4f1fb96
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3e17cc727628b9dac5551175ab0d1ee073be7000f44792ed5987c0e06a56d83e
3f0ad8fce7af1098d4a17d54da4c3374a842dbeff12ed949c6325c98630303f0
41b89a54fdc2876c7f8cf54dadbf1550f9f551c8b0af069fbd91a6ee129f0329
42db9d0583bf3c857f44efa6b97c40114594ddd6f036fc582fd2910c704412f0
447b8d5587a7b6a40aaf19b770f6c1561a2499a34d42631c1979e40cc8636546
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4690fd6b38ae389ba8b837fd242a4bffe96448ada7e9fec0123e1b087123fd55
477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4abb42638aed204a1a1d5e9531ea94c593f2bbb9b3b33f6eb780a129f337600f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dea1b53bf41f4c95852328762f93092299bbe2eb345d2d93e12433ac201809f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b
5264b2b7670d257f2dbacbd851a1125ee00dc8772fddc9f6629210c79c06b7fc
534705c44bfef366cfe7658ad162477ab0a566f481bd19a5c42df5f9ed2ef587
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738
6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63d576b7e46477e414fccfa292d0415a192bd4a3ddb8ef4452f94d84554e18ab
64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f
6532aacaf914f6b6ef8493cba9ad7f0e1abaeb50923bb1df0a9302e7b4841eae
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
70816a28ff9042110efbeb5c72a86db83f77eba43c852dc1c84417cef1cf9371
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7206cf318a71ac0cd59d710fd6318de5bb647e95a1d6dada870eded122b1f0e7
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
785e5efd4b9a9588e431b12b550d2f06fcf44649a0da1df8e15f1ef90e7a5cf1
79e7b273992f17fd791bd957f30acb8db997193ed8a58e9e9ab19a0b38de10de
7c687daf4f7d3a36b3eb7a221d79de8689ac0cb6488c323dfe1340a31ffb428f
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7dfcfff070cbfeb929f6cb8b743d691bb330b294cf9b6b387c43428ded8036d4
81264a0be7d9cacdea4629e9a6767a492f8b31e3feb798cced3c7edfec1fccc2
8205e0200ba4f3ae9b301445d172f2529fb3ceae73c7df99baac724bb937142e
82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8999176e75d2175a0203e7caea62abed75f73c0d95fc8ebea918fd13abadf7cd
89de577de8f862e95a454c41ac90d87fbe4cec0d1a904cbdae70c2f5c0a4d430
8ab0d3d2a07a49962f9543d4c701f01e0e667a565d7e1aa31d09e0def5d3db92
8b183042b3572e7cbd7b41e3ed43de9396ecd6a5ceeaaf0089e7a5c17b14c730
906a1c7b899193c5ff4f6a373f6584155142dcaaaf3d7d2c2c71bd3cd02a8b42
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96fc24ebcd17188170c6f441f7ae3908b6a821e7c68923885b18dcbea9a45c08
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
9edccb39ba9e6d436e7a752b2be90ead4faa245c199a46ab4c49fcfc56e05419
9f287d9d28191831f64d8307cd35b4a1ebea93594fd09400cff939a0e4738979
9fd1ac29b9a8c1cab71f5233bff4d939ca7e79e12feb36f2f81e036656e36d1a
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
a1271ebbf1c80a4e963b4f91eccd41c2651fd3f6cd529984d5c54bcbd004d354
a1db467cf90411702dc469a6a27601617242eec916601ff8ccf9306b36bf3ea2
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7c8c0679fd5fa5f44df7a73df8fa84adc48afbc1b698db7deec24e880a17e2f
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad419adf538fcddbc50cf266b0e4c40965c84919745f6d09507c6b17531531e1
aecfb2458caca6aa9b0e1dab3eab42d1e92643bc856497af633dd370651949ae
b0d6e71e48de130e4b0a7e54ddaee478df73dce7ace894f8e5525ce85d2fcdfe
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b7ce6adefb5723f3e603275e7f4eca08819706555f1cf3abe0b16f047cb46e23
b823b895dc13edabae801444205385a58451154b87e4b3461dacaec18b6c0f64
b97fd73ecd088bde212a037256d64a8f7244d7705bb4fb9b32cc7b8fcd465b72
c14c5e17dfe628e18a965eebff2c03cc7cd0fdb06529f6415a800dedf57884c8
c2e0faa0bc554b9a86d51ec14488bef748c400cfc8f61e57b3d2e4688f11f983
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
cc6d6250835c3d26e7301d608ea746588342bcb4e3b1132ea55cceed814200b4
cc9c7b14fe952d6377ff29fb3c1e11624e1528af914793a248b5ccabbb06e7ae
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd21139cdb86853965f8b979b2b331a277681a58b55e990826b99dc1fc0d49c9
dd55bbc4bc78a70af7e054c169712e827e3dea19a24901895fa00d65fcb1313f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea
e04770221e9e733bf98ca51d027dd659296604449e57cfec24c21c737324a904
e379a211e75642755c7b975859d84ebf76697490618e8a6127a41036ef82f2df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e461b281292f9c0a421c3773dbaa82d534a534de4c7b93ade129306f9aec625a
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e53e125865039a006f0c5abe2018ae90bd9545d5f804fdecab4d566cf5d830f9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea31f10edab8222e4e66001e64f74b3e91f0fe42ca5ee682e09def8a6509fd9d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec5ec1a4386f8c2ce0bea88f9a5fbce8d36226aa30e3168977b3444a077463f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc089495e9aa5afd8cf9ae12fe7c9af5524e8eb422de89b2d65d9736e79a899
f0f10cb741c780aebe10eca58f71105bbfdd1e0d67e4efa9947cc239ae4cfa16
f1f9eda417444f06ef060dd832d8821c84f081a98cdf62acfe981f5554c894dc
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f267bf50a772c22db08fae3fa2aaa157602b1fb8d321ee8109b33f6f131c8beb
f2b37bf2f2b55fe6c4c1b0f546effc9f1c6ec29d87176ee1c0ceb2c62ae77e24
f3e547dd68cdf81e0eee07f2cd672da320942336f3db781d19c134220125ab6f
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f74803d791ee50c6f225d9a5155ca9fa6769058720c258f0cbc9da1a3b9054e7
f881307facf7bd0eb3a32367475b998591789281d3328347aa73d0e3c56d7daf
f893d0b012eb8213fb5c54ef29d8f6f5fdde8bfc49d8155f07660c50f6ddb507
f8b57025e29c01daf0af06f29eeb73595fd199b12ff714b1ac832c1b33a15d48
f935254bd129bdaf9c4b0b17e93a967a3e5e64a002dc72fc3289bb5a19b4ebbc
fa7b804475d037bb16a2a4309729a3c30fa056730818284e133bcdf7654ff4b2
fae5e762f21bd335cd61db83060457a02b893359cf0c7596e8b55c414b9a1ef6
fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

timebusinessnews.com Open in urlscan Pro 192.124.249.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

263 Requests

89 %HTTPS

16 %IPv6

41 Domains

57 Subdomains

33 IPs

5 Countries

9051 kBTransfer

21155 kBSize

47 Cookies

19 Outgoing links

Redirected requests

263 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

timebusinessnews.com Open in urlscan Pro
192.124.249.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

263
Requests

89 %
HTTPS

16 %
IPv6

41
Domains

57
Subdomains

33
IPs

5
Countries

9051 kB
Transfer

21155 kB
Size

47
Cookies

263 HTTP transactions
20 data transactions