all-news.co Open in urlscan Pro
5.189.131.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tiptopessen.online/?Z289MSZzMT0xNjIxODE0JnMyPTE4NTE3ODYyNyZzMz1CRQ==
Effective URL:
https://all-news.co/
Submission: On April 18 via api (April 18th 2023, 10:43:28 am UTC) from BE — Scanned from FR

Summary HTTP 270 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 35 domains to perform 270 HTTP transactions. The main IP is 5.189.131.58, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is all-news.co.
TLS certificate: Issued by R3 on February 26th 2023. Valid for: 3 months.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.25.194.235 85.25.194.235	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1 31	5.189.131.58 5.189.131.58	51167 (CONTABO) (CONTABO)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	52.46.131.85 52.46.131.85	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
11	108.138.17.219 108.138.17.219	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:225... 2600:9000:225e:6800:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
4	52.94.237.66 52.94.237.66	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	3.121.161.233 3.121.161.233	16509 (AMAZON-02) (AMAZON-02)
25	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4 4	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:7781:4495:ac65:b0a4	16509 (AMAZON-02) (AMAZON-02)
2 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	3.229.46.135 3.229.46.135	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	52.57.125.56 52.57.125.56	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:3c62:769f:9ada:eb15	16509 (AMAZON-02) (AMAZON-02)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
2	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
1 1	35.187.21.229 35.187.21.229	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:a741	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.210.125.176 23.210.125.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
270	30

1 85.25.194.235 (Strasbourg, France) 1 redirects

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: partyme.org

tiptopessen.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 5.189.131.58 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi481268.contaboserver.net

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.131.85 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.138.17.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-219.fra56.r.cloudfront.net

wms-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225e:6800:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.94.237.66 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.161.233 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-161-233.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.237 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:7781:4495:ac65:b0a4 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.46.135 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-46-135.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.125.56 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-125-56.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:3c62:769f:9ada:eb15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.131.136.1 (France) 2 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcb.happ-e.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.187.21.229 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 229.21.187.35.bc.googleusercontent.com

latner.rentalmotorbike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:a741 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.125.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-176.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	749 KB
52	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	212 KB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23943 ad4m.at — Cisco Umbrella Rank: 9478 assets.ad4m.at — Cisco Umbrella Rank: 31150	1 MB
31	all-news.co 1 redirects all-news.co	3 MB
19	amazon-adsystem.com ws-na.amazon-adsystem.com — Cisco Umbrella Rank: 21397 wms-na.amazon-adsystem.com — Cisco Umbrella Rank: 32748 fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 9784	37 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	217 KB
10	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	439 KB
8	metaffiliation.com 2 redirects action.metaffiliation.com — Cisco Umbrella Rank: 129967 img.metaffiliation.com — Cisco Umbrella Rank: 60806	281 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547 static-de.ad4mat.net — Cisco Umbrella Rank: 111741	11 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	5 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	2 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	3 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 908	3 KB
4	google.fr adservice.google.fr — Cisco Umbrella Rank: 29671	940 B
4	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 419	9 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	550 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	920 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	207 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	733 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1063	798 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	876 B
1	happ-e.fr vcb.happ-e.fr	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15474	704 B
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3295	25 KB
1	rentalmotorbike.com 1 redirects latner.rentalmotorbike.com	464 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	715 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7904	553 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	545 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2452	704 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3974	1 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2258	297 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 1006	786 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	605 B
1	tiptopessen.online 1 redirects tiptopessen.online	292 B
270	35

	Domain	Requested by
39	tpc.googlesyndication.com	googleads.g.doubleclick.net all-news.co pagead2.googlesyndication.com tpc.googlesyndication.com
31	all-news.co	1 redirects all-news.co
27	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net all-news.co
25	cm.g.doubleclick.net	googleads.g.doubleclick.net all-news.co
20	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
18	assets.ad4m.at	as.ad4m.at
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
11	wms-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
9	www.googletagservices.com	googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
6	action.metaffiliation.com	2 redirects as.ad4m.at
6	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
4	pm.w55c.net	4 redirects
4	c1.adform.net	4 redirects
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.fr	pagead2.googlesyndication.com
4	fls-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
4	m.media-amazon.com	ws-na.amazon-adsystem.com
4	ws-na.amazon-adsystem.com	all-news.co
3	rtb.openx.net	googleads.g.doubleclick.net
3	static-de.ad4mat.net	as.ad4m.at
3	prod-rtb.ad4mat.net	all-news.co
2	pixel.rubiconproject.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	img.metaffiliation.com	as.ad4m.at
2	onetag-sys.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	vcb.happ-e.fr	as.ad4m.at
1	www.awin1.com	as.ad4m.at
1	res.cloudinary.com	as.ad4m.at
1	latner.rentalmotorbike.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	a.rfihub.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	tiptopessen.online	1 redirects
270	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
all-news.co R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon	`2022-11-02` - `2023-10-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
wms-na.assoc-amazon.com Amazon	`2022-08-21` - `2023-07-25`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-26` - `2023-10-14`	a year	crt.sh
fls-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.metaffiliation.com Gandi Standard SSL CA 2	`2023-03-06` - `2024-03-20`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
vcb.happ-e.fr Gandi Standard SSL CA 2	`2023-02-09` - `2024-02-23`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://all-news.co/
Frame ID: 13ED3754E9E484692333EF082BB89308
Requests: 52 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B07N7PK9QK&asins=B07N7PK9QK&linkId=906fbc5bf051ce6dc9b19467bd0167b8&show_border=true&link_opens_in_new_window=true
Frame ID: 43506375B98D3C4D99635B38152186ED
Requests: 6 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BF9GPRCB&asins=B0BF9GPRCB&linkId=367e3236925d75a89adf492434ed9b8c&show_border=false&link_opens_in_new_window=true
Frame ID: 2490E32FBBD4339E3BEB656B20672228
Requests: 6 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BBKDMMB7&asins=B0BBKDMMB7&linkId=caad0566587b3d908c0926c7a3213e67&show_border=true&link_opens_in_new_window=true
Frame ID: C74B348381A33B5F710F149E3E06F0BC
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html
Frame ID: 47141ED9AE468C953CA420A12EC18B64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1681814602&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814602020&bpp=7&bdt=422&idt=293&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8747767644896&frm=20&pv=2&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&pvsid=3008958241035527&tmod=1839741348&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359
Frame ID: 70D3439CD521753016EE9EAC07754871
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Frame ID: 9AC99611B052F90BBAD314FB74460EDE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1681814602&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814602400&bpp=25&bdt=802&idt=25&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&pvsid=3008958241035527&tmod=1839741348&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=c9CbvahYUC&p=https%3A//all-news.co&dtd=29
Frame ID: 369EFAB688EF29B9E1F44C00572C2A6E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9D20781E3E8B0F176706C367DFD3A3CE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 587FCC9F013E7245A802E9AC72072615
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280&nras=2&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i8hTFJMrV5&p=https%3A//all-news.co&dtd=7
Frame ID: 9494597B54287731EDFE82310006038C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=232326213&adf=745126324&pi=t.aa~a.2369760627~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=zfPAqqLZJh&p=https%3A//all-news.co&dtd=38
Frame ID: E750E7B7169E334291BC9BEAA82ABED8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3214185842&pi=t.aa~a.3633464688~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=4&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yKBgPIBr15&p=https%3A//all-news.co&dtd=49
Frame ID: 7732DA3D530EFAF12E6C48D805EE8139
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Frame ID: AD7C940FBA39BE6C667714130483C721
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Frame ID: EEA123466B4923DB1ABB8C6C7FF72DAB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8A049BD7C7617A7D6D7AFC45AB3124B9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5A08C4B0A70A2108F460E0060557148B
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 659AD1DF0E7269BE637B7F8E07CCFCBE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6EE22427153CB7B043570F7280D07D85
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EB19E9550BD1C64A281285C1C4117386
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D70300F26C7FF64DF47FDCB9CB295130
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cgb4tS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLIBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE1KnSJeQUFvoC4bMtaETeblh1PcDvy7QAnylz9aW-4mC1TABQZil4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=8zWd6k5-u4M&uach_m=[UACH]&cid=CAQSOwBygQiDocK238-DK1-AwA_dJ1UVmuNsicthuSfJIWbuzvem2QRRNHM2HnWTVskmbgITMAtCoO_c7wNfGAE
Frame ID: EEB6B044F2FAD32FCA1C0C9B775842E4
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jkb5r8tbpnndgjxd3y90tvk701zases8b14rsa3f3py37mab7g1x7q7heyqhtc1xwg9a0z7dcg8wr2as8cbs1wm2qw47g5ps20yreh3zasr7g3kp6r82hxn4mkejxe8daftz2kt8b9wvt2f63dyrmb3b6qnc9gxsfhfnhhah56tvktks2sfvx9rkqn3dz7x748wn5s287r5sthkd7qjpx87tc9nfps8y8c0rkmbbaf9edpc5c49exse5sgpks55m9bfbve88p3py7ga8hr92hn8f1qntdqdbxhcfyj71ewn2dg2wvzcj369yqxhetb2pdhejqqa315e4vdzk4sz95r3b601750bshz0s3p26y8mrcjfzga11cn4psxmdgqxb8cpej23s7m2nvsfgt86rgg2y926ke61ynyptxq4xsbbdgh58ydy821wne2sv8kby471q7rhfq1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 8815B575C42AE5FBC230FF0ED18A9C8E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 335ABF68425131F8F31B66506F40A90C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: F5271AFB331F016FDFEB3DCCF9524AC7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 05BF593F2B83827F9E9AF958D231F2E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CM2RrS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgSyAU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qJhMcm6dHljycS59lrqOOgoUqIag6yhbjCXmBnoB1mFoYHHhLwbSABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=Lvg7lXv2adg&uach_m=[UACH]&cid=CAQSOwBygQiDwHJbdyRNmLwRak6v_X9gTidP27FFTyX-H2MWu9dXjDsY5HiZBVn91B2EGUUT7Ii9FhYymzIUGAE
Frame ID: 6D5C611F149C6CAD399C3FF933D6E5DD
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k4ekyryr6gccvs4n0mwq5nennsnk7htmeve1pjdb0s7tae200tjtje7xnh27cxy1k09a1qy0v52kevyg84hq9hy54r9jb0sb4e90d6y0fhmjxnyhm09eds70hfd6zehq3d437cq179n6jm0cyppy76vmrt9t8gke195sk84pvw1jhgrse8w8tbn9kcv0tsja334238yh4dt5q03pym9jy1taf4ftctg5wm1vzgwd08m39ecn0neex8dt9ptynbcptzeetn9ban8f3yzh64zd7ppttn5b8dfyazahj3crk7nh59w4a2qmz5etqpx3868c4gdnrf72e6rmfxrf0xxftr7djwb44z33brh1kwa8f3fvhv0hdhkch0j6zrm13vw0gxytbz95y15203nkadxynx0emwpk8yk3mphrscnkbnc803rd8d948gn3918sjkwfcbn6vt49mvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 9905312A7E599679C01903C11EE86779
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6FB5EBE20FAAF7990F4A60521184B7AF
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FED613509012E9286813162F378D1B79
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0171E824C3BCD2DC39817C13CE2A1DC4
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Frame ID: FBB5573134D85C6ACD86F7ACF0729AEE
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Frame ID: 2C1B415DB5C8FB106072F02EE109AC74
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CZSZAS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLIBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O003C0PUurDIpNvFIE5koLk1FK9l5acnKSP4ddkbHZmkKPSLkUgsHYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=4thz21c-GwY&uach_m=[UACH]&cid=CAQSOwBygQiDdv7cwpRpujGxwIgd5_V2uVkCETBqUJFmWZDTzf4GeCt9xfuT5wGA6Qlflaq5oUE74Pkec7DpGAE
Frame ID: 5C089E176DB409DB51DB7F75428856D3
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gse7ky4y33q8ee0m7kn0s4p7j4ewjzbngn1j66xa7xrtqsj8banzt057k74n3asxw88jdspnsgz2y3kz9dj72syg2kha7vx9amyasc8ve7mxnh88rbgevax44e62ngd88vawwc7jz5w9rytey5axp07tv0xepvy4p9rty08ep1dh4d0cx4b2xr537v22hxhgpmtgkmd6egdy5xhpgq4c1hk6f9kx2e5jz8npcn534ea86na0n6dtfyc832cdrejjt1v3cradzekekne2ghkhatzx46zg518w51n3jn8dmbcm1y2a7x7mmfyeyanbbqser8r8qcy0nbqm9b3a6eyezrcp7qss2qq4tnazyfat12qyvjdn21ak4z3kjak7vnrqsev6nz05a787zc74b4dphg4fahwh98gy6gh0nnf1tzwya2kksmspkr988z49g2509xx27vbw26g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 2A338AFD05CD1E1403B9710A0FDB0016
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 383A5A67B7CF782B65EC0056D0251F49
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 359BA458D4EF2549632961392BD2E82D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1681814605&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814605542&bpp=1&bdt=3944&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250%2C324x250%2C1600x1200%2C160x600%2C200x600%2C1005x124&nras=8&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x%2CAHQMDFeZldKphl3627wRErJu9ONhUEkUCcBwwiZcbZ6e6SdbcvJ2R4SLYVDoPNYRP6ZeWdYhQDQ5NlGkI30FwgATn7YBhYb5HB3ksRcvDDfoRJikemMnFg%2CAHQMDFe8HwhG5eYGPYAY1naLoxIL4hsn3kqXpJIhqUmXyWGuryKwD3GBtRHqqb5SnfC10bBmaU2ZyQ9OThwwSB_nwnj2BPrSm1Dke12sJ4F6V7HFBpk%2CAHQMDFfe8Mty3UjUvjSSPJbS8-PgrAh59UhIBKFd4wLXlwLGlZZrtz39crHJRNWDcIo9ABOjWxRpBLSe2Y8NEC_TS_3n48LNcutg6EYuipIbQjUg-yHAJg&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=8&fsb=1&xpc=QuuF9C31UA&p=https%3A//all-news.co&dtd=6
Frame ID: 209513BE94CD838BAD15A3C4A93F456B
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87A533DC3D1B960BAD76AA8F3852F67F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 165960F52381EC52A05F6DAE7BF61E83
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Frame ID: BEBBD20F3EF5F33423C491273508CCA0
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 883F5BA40A7354C7E6AAA262861C1809
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 80637FBC08AEB69F5E439ABB4C4E5D72
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

All-News

Page URL History Show full URLs

http://tiptopessen.online/?Z289MSZzMT0xNjIxODE0JnMyPTE4NTE3ODYyNyZzMz1CRQ== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

270
Requests

91 %
HTTPS

49 %
IPv6

35
Domains

45
Subdomains

30
IPs

8
Countries

6383 kB
Transfer

9549 kB
Size

38
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/
Title: Subscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tiptopessen.online/?Z289MSZzMT0xNjIxODE0JnMyPTE4NTE3ODYyNyZzMz1CRQ== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://d.agkn.com/pixel/2175/?google_gid=CAESEMk8MjEinNMpgkSPInAT24E&google_cver=1&google_push=Aer7DvKzO5FE0JxnOYiVdzlDiSgc1j49OdAcMXu5SoSdxfHly2oi5TPvJimyIErs-F6kr_JkEZhFfb5Oq4l6qzUqoNGU36hha5X-mqMi0nickg7iLrqYqofnNU8U9DBi5-rKEIVnEnNA6JzzfptRcahySq0f1lg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvKzO5FE0JxnOYiVdzlDiSgc1j49OdAcMXu5SoSdxfHly2oi5TPvJimyIErs-F6kr_JkEZhFfb5Oq4l6qzUqoNGU36hha5X-mqMi0nickg7iLrqYqofnNU8U9DBi5-rKEIVnEnNA6JzzfptRcahySq0f1lg&google_hm=Q0FFU0VNazhNakVpbk5NcGdrU1BJbkFUMjRF

Request Chain 140

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGksZpuKduLIO7xokZCQr9o&google_cver=1&google_push=Aer7DvJ3cKq9IbOB4P-BcJ_GQNGDfKNos9xOTZp2bJa_hbP4tDeeI3d_LY1UMRkMGSgqkOdd6_mzgRZjVYMSyNHqFaD_eWtTqmKyJl4MRPqhLGu4Zw6pgXEMoVOTKPnOT1tocTQVK59ogLTmHscLZZg9h-TBMCs HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGksZpuKduLIO7xokZCQr9o&google_cver=1&google_push=Aer7DvJ3cKq9IbOB4P-BcJ_GQNGDfKNos9xOTZp2bJa_hbP4tDeeI3d_LY1UMRkMGSgqkOdd6_mzgRZjVYMSyNHqFaD_eWtTqmKyJl4MRPqhLGu4Zw6pgXEMoVOTKPnOT1tocTQVK59ogLTmHscLZZg9h-TBMCs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvJ3cKq9IbOB4P-BcJ_GQNGDfKNos9xOTZp2bJa_hbP4tDeeI3d_LY1UMRkMGSgqkOdd6_mzgRZjVYMSyNHqFaD_eWtTqmKyJl4MRPqhLGu4Zw6pgXEMoVOTKPnOT1tocTQVK59ogLTmHscLZZg9h-TBMCs

Request Chain 142

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFubzuFm_iUVGG-0wf2z6ZE&google_cver=1&google_push=Aer7DvLJA0c1G2DW1DNzxmV4pOJLYWbUpxyD0Ks5Wp71nRMjiKdAh6Np1SSzZLmWBRF8gWq8ehbfjxlo_LmZImpJVZ5aEiCOpOVREvEwwHUlyMoxcYTrRip8Ba8ncXp_LwTyLJl8rgLleEgkqcXGsh9NI025Nbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLJA0c1G2DW1DNzxmV4pOJLYWbUpxyD0Ks5Wp71nRMjiKdAh6Np1SSzZLmWBRF8gWq8ehbfjxlo_LmZImpJVZ5aEiCOpOVREvEwwHUlyMoxcYTrRip8Ba8ncXp_LwTyLJl8rgLleEgkqcXGsh9NI025Nbw

Request Chain 143

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOTkraNvasOJZF18Q7msWc0&google_cver=1&google_push=Aer7DvIZN_7ZHCGu8yy84xdFlUDSTujTM0j_GeI8e7QLpTftgBcZOUx7Ix4-xkwK-0Ecv-mqvlOdAZdWRka8rc6YR_gJ_to64axV0TZVAfntEfPt65lWXETKQUTb7BDw-GPHRn0q2S45VOvkBl0CKWEs6UBKIPz5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvIZN_7ZHCGu8yy84xdFlUDSTujTM0j_GeI8e7QLpTftgBcZOUx7Ix4-xkwK-0Ecv-mqvlOdAZdWRka8rc6YR_gJ_to64axV0TZVAfntEfPt65lWXETKQUTb7BDw-GPHRn0q2S45VOvkBl0CKWEs6UBKIPz5&google_hm=ODkwNzE5NjU3MzY2NTI0MzE5Ng==

Request Chain 144

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEFxKwMi0tkVR7uxQEmVJP-s&google_cver=1&google_push=Aer7DvJotQr-klKjGKFepztZnCaaaXbHmo9HucGFu719Z1OipOh2pt0Vt7q4rMH9a_Pp-IgT52e_AyalWoGBk1uzc5jr-EAmmt4Xra8la4SsbIFg00HRtrrnoabmdtsku-LXup_hEXmGTkpBOvewCZsJEnnZtrmh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=WvVmlAel60ee5lEovlYE1Q&google_push=Aer7DvJotQr-klKjGKFepztZnCaaaXbHmo9HucGFu719Z1OipOh2pt0Vt7q4rMH9a_Pp-IgT52e_AyalWoGBk1uzc5jr-EAmmt4Xra8la4SsbIFg00HRtrrnoabmdtsku-LXup_hEXmGTkpBOvewCZsJEnnZtrmh

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 162

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvL2r9N7tUdaHr6hzC7OJJjzlmXBpUI34-sft5MagkvuA4u8yIRckVXbzdvac-DOu49QAl23mrnCEe9sDfXYGnC5Dy0RC8WrZnI HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvL2r9N7tUdaHr6hzC7OJJjzlmXBpUI34-sft5MagkvuA4u8yIRckVXbzdvac-DOu49QAl23mrnCEe9sDfXYGnC5Dy0RC8WrZnI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvL2r9N7tUdaHr6hzC7OJJjzlmXBpUI34-sft5MagkvuA4u8yIRckVXbzdvac-DOu49QAl23mrnCEe9sDfXYGnC5Dy0RC8WrZnI

Request Chain 163

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHHlSMclLvzb_5jwivO3zbE&google_cver=1&google_push=Aer7DvI-wIllXnaOVVOKuJ7-xznHHOJ8W2kCPC58cF8nOOLArP2B20uSUpwx02Eeah0vqKJoGHWBkcJZacc644JOvBZaEeUINky0WrA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHHlSMclLvzb_5jwivO3zbE&google_push=Aer7DvI-wIllXnaOVVOKuJ7-xznHHOJ8W2kCPC58cF8nOOLArP2B20uSUpwx02Eeah0vqKJoGHWBkcJZacc644JOvBZaEeUINky0WrA

Request Chain 164

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOzfdvfl6t8Sshw4SV_y6tk&google_cver=1&google_push=Aer7DvL2_2TBR0pTOrklSnicVUQAYzmX6NhMBQCuTuojMFod52Do-E_oiAwbtPg-1kmBq943rhO2GHzg6P88XaHVdx4TlaaDe_9_Rg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4_pfHmHqRECqw98tTqcBTg2&google_push=Aer7DvL2_2TBR0pTOrklSnicVUQAYzmX6NhMBQCuTuojMFod52Do-E_oiAwbtPg-1kmBq943rhO2GHzg6P88XaHVdx4TlaaDe_9_Rg

Request Chain 165

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENCQa0gLVdjD9XGet-rYIHg&google_cver=1&google_push=Aer7DvILYNK5a4FQhUNggPtGtKmfBg2g689y8n4GzrFyD2NTBVS4Uwo9FcLTLzNPMAL6TAmVYWvswBeluTkb1BPHPcAl80qJuq_RMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvILYNK5a4FQhUNggPtGtKmfBg2g689y8n4GzrFyD2NTBVS4Uwo9FcLTLzNPMAL6TAmVYWvswBeluTkb1BPHPcAl80qJuq_RMg&google_hm=eS1WWGlDeTZKRTJwRk5HVU5LM0RzMnV6SFUyeUlyeGh2cn5B

Request Chain 166

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGksZpuKduLIO7xokZCQr9o&google_cver=1&google_push=Aer7DvI5VDKMK3PHnSpkxmIuOOEoATF0H1cFnt7cwwjs1yWxkile4SgI5y_lVw-BdFlxEBkV58jxOBLyvzYiyLibTptB-vgaul3qKtc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvI5VDKMK3PHnSpkxmIuOOEoATF0H1cFnt7cwwjs1yWxkile4SgI5y_lVw-BdFlxEBkV58jxOBLyvzYiyLibTptB-vgaul3qKtc

Request Chain 168

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK5mJZ4FtR0TqhIyw3KBsgY&google_cver=1&google_push=Aer7DvKK6DpdokqTiwDrYX-O0xAXXnVG86E_G1AnCvV5BKuDwrjl0jN-pT9ZXX15tUZu1KDB7haaCo2Mce9a7sh47iGIVhssQMt-AQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK5mJZ4FtR0TqhIyw3KBsgY&google_cver=1&google_push=Aer7DvKK6DpdokqTiwDrYX-O0xAXXnVG86E_G1AnCvV5BKuDwrjl0jN-pT9ZXX15tUZu1KDB7haaCo2Mce9a7sh47iGIVhssQMt-AQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKK6DpdokqTiwDrYX-O0xAXXnVG86E_G1AnCvV5BKuDwrjl0jN-pT9ZXX15tUZu1KDB7haaCo2Mce9a7sh47iGIVhssQMt-AQ

Request Chain 187

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmdoneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 191

https://latner.rentalmotorbike.com/ts/i5047752/tsv?amc=adnetworks.blbn.456157.513300.CRTDu-TPrWG&pv=1&pref3=oneidmQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMKoneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1681205333/prod_creatives/net_253/adv_93713/cr_75901dcf-8fe0-4a0a-876b-62e364580bb1

Request Chain 208

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvKK2PKkGeSvYAg19v96rTwryEKI98_nKqwvlU2mHD7-OcDJANvfcbvFp3MKID0ad0lspz5gsvk81ZzBWJm1vg5hMNXA5g9qGPI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvKK2PKkGeSvYAg19v96rTwryEKI98_nKqwvlU2mHD7-OcDJANvfcbvFp3MKID0ad0lspz5gsvk81ZzBWJm1vg5hMNXA5g9qGPI

Request Chain 209

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEQxMZaIbCF1z3CnRvlOAOY&google_cver=1&google_push=Aer7DvKXqfj4G6cLROMQN_kkDduK3Cc9qNOrrXEFEKcV2W7XLyFxwZkUKVQywGGXyBb4hyAXC4jux6dNz91ec5uxu-TO0EDR4rEC3S0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKXqfj4G6cLROMQN_kkDduK3Cc9qNOrrXEFEKcV2W7XLyFxwZkUKVQywGGXyBb4hyAXC4jux6dNz91ec5uxu-TO0EDR4rEC3S0

Request Chain 210

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGksZpuKduLIO7xokZCQr9o&google_cver=1&google_push=Aer7DvJUHwAv2ujjotlwje32utzWwGCPUX0YmFAoVglh8eEQCg24nqrxMZuw0efVzZHDYp1AeK4UB4bxlhqNr2dZOwtLhDLOfCsifiY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvJUHwAv2ujjotlwje32utzWwGCPUX0YmFAoVglh8eEQCg24nqrxMZuw0efVzZHDYp1AeK4UB4bxlhqNr2dZOwtLhDLOfCsifiY

Request Chain 212

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK5mJZ4FtR0TqhIyw3KBsgY&google_cver=1&google_push=Aer7DvK26lhnNO3lGhmw54AoVEHz8r0yh6U2admsiV2RXCktNa3lj33A-FvrlWJpqNH4JFfwnfMCZU3JQ_igBBpp7StArMWGw8u7jP4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK26lhnNO3lGhmw54AoVEHz8r0yh6U2admsiV2RXCktNa3lj33A-FvrlWJpqNH4JFfwnfMCZU3JQ_igBBpp7StArMWGw8u7jP4

Request Chain 213

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEdwNh1ia0WUl7EaJ26GTlA&google_cver=1&google_push=Aer7DvJ6sV8cUHMIDQ93McA7gzLubPI-w3psYXxsw9twqAaSam0o_-TwbsZw-FSZBnikNeXjpTP1-hLU6RRKhV-eK1U5xtW00clGiNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdNNFpRVTItQS0yUDE0&google_push=Aer7DvJ6sV8cUHMIDQ93McA7gzLubPI-w3psYXxsw9twqAaSam0o_-TwbsZw-FSZBnikNeXjpTP1-hLU6RRKhV-eK1U5xtW00clGiNQ

Request Chain 248

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmdoneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 268

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOH_DPRxmGJdErWxtnZaHEc&google_cver=1&google_push=Aer7DvJI4tgfdz14CYVJfDQ1fkqzCUnEJLdgZOsy9Wz6fhb7RQKAs3PSxyHYThoUYbdMQqnZaA1nCbUN0TnPzKQFu3OTL9VWoDVfcvo HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvJI4tgfdz14CYVJfDQ1fkqzCUnEJLdgZOsy9Wz6fhb7RQKAs3PSxyHYThoUYbdMQqnZaA1nCbUN0TnPzKQFu3OTL9VWoDVfcvo&google_hm=_Bw4CnOGDisbtKrY-R-cOw

Request Chain 270

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvJwKFf32nd68UdWvbqU5dl7s732olJkZ8fB9SdCReLd55dLoUxg6nRR_bfCNROQntiaqVCyyzlJdS979P9p3WuJZ09PD7iNNrM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvJwKFf32nd68UdWvbqU5dl7s732olJkZ8fB9SdCReLd55dLoUxg6nRR_bfCNROQntiaqVCyyzlJdS979P9p3WuJZ09PD7iNNrM

Request Chain 272

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK5mJZ4FtR0TqhIyw3KBsgY&google_cver=1&google_push=Aer7DvKvPksyi_9Onu1wBoKYMF-MiuVLkE6IdW01m2wjxvTbDjwXxlfZbuuKAjaI4pEKsCnYOlaJN1_HdN9UJ-EaLUI7AhRQYYRmot8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKvPksyi_9Onu1wBoKYMF-MiuVLkE6IdW01m2wjxvTbDjwXxlfZbuuKAjaI4pEKsCnYOlaJN1_HdN9UJ-EaLUI7AhRQYYRmot8

Request Chain 273

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEdwNh1ia0WUl7EaJ26GTlA&google_cver=1&google_push=Aer7DvIdL21T-kgU5AuAaFQAGyjgXBKJtRcux-6fDbDyaIOQAk01SAOIqJC-IBdjyjpcbbvNUJy4ROhki9rgxUCQlsY9Bsjeg-cQU9M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdNNFpTMFEtNC0xUkVW&google_push=Aer7DvIdL21T-kgU5AuAaFQAGyjgXBKJtRcux-6fDbDyaIOQAk01SAOIqJC-IBdjyjpcbbvNUJy4ROhki9rgxUCQlsY9Bsjeg-cQU9M

Request Chain 274

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFubzuFm_iUVGG-0wf2z6ZE&google_cver=1&google_push=Aer7DvL6WXxdzunlUkD1lHdiBzrcfkCSdx4mazA-12foTkx9ATH8WM7HsFFxhKkGuJZyi_9mTBAnDrVUORsnYLnPpGv8bsd9zy8bjYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL6WXxdzunlUkD1lHdiBzrcfkCSdx4mazA-12foTkx9ATH8WM7HsFFxhKkGuJZyi_9mTBAnDrVUORsnYLnPpGv8bsd9zy8bjYw

270 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
all-news.co/
Redirect Chain

http://tiptopessen.online/?Z289MSZzMT0xNjIxODE0JnMyPTE4NTE3ODYyNyZzMz1CRQ==
http://all-news.co/
https://all-news.co/

610 KB
611 KB

1488ms
1383ms

Document
text/html

5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 / PHP/8.0.27
Resource Hash: 684eb93031676cc446b9ae1fde5c980d09342733775d44abe052c31b16c43e10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Apr 2023 10:43:20 GMT
Keep-Alive: timeout=5, max=100
Link: <https://all-news.co/wp-json/>; rel="https://api.w.org/" <https://all-news.co/wp-json/wp/v2/pages/957>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.27

Redirect headers

Connection: Keep-Alive
Content-Length: 228
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 18 Apr 2023 10:43:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://all-news.co/
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27

GET
H/1.1 200
OK style.min.css
all-news.co/wp-includes/css/dist/block-library/ 95 KB
96 KB 101ms
35ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "17ced-5f8177dd6e752"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 97517

GET
H/1.1 200
OK classic-themes.min.css
all-news.co/wp-includes/css/ 291 B
605 B 101ms
34ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "123-5f8177dd6b872"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 291

GET
H/1.1 200
OK style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
37 KB 101ms
34ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "92ec-5f71c1544542e"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37612

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 93ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91b1f3d56b7999e52c3c07650e45c8624d456ec35e8bd2333a7170307dcb77dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Apr 2023 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 10:25:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Apr 2023 10:43:21 GMT

GET
H/1.1 200
OK style.css
all-news.co/wp-content/themes/Newspaper/ 149 KB
150 KB 101ms
34ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2557c-5f71c14ef049f"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 152956

GET
H/1.1 200
OK td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 161 KB
161 KB 101ms
34ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2828e-5f71c154f25ad"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 164494

GET
H/1.1 200
OK tdb_main.css
all-news.co/wp-content/plugins/td-cloud-library/assets/css/ 34 KB
34 KB 135ms
34ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "882f-5f71c15bec76d"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34863

GET
H/1.1 200
OK jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 88 KB
88 KB 169ms
34ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "15ed7-5f8177dd72da2"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 89815

GET
H/1.1 200
OK jquery-migrate.min.js Show response
all-news.co/wp-includes/js/jquery/ 13 KB
13 KB 202ms
34ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "3470-5f8177dd71e02"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13424

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 137ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a3fded969554c4ef1f2fa956c10ee4a8bd657bd87d60bb965c9866d8ee2530b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48047
x-xss-protection: 0
server: cafe
etag: 4457051457844201601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:21 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 18 KB
19 KB 34ms
33ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4904-5f8177dd7124a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18692

GET
H/1.1 200
OK ALLNEWS-logo-final-1.png
all-news.co/wp-content/uploads/2022/12/ 107 KB
108 KB 34ms
34ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/12/ALLNEWS-logo-final-1.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Fri, 30 Dec 2022 18:13:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1ada4-5f10f8fb79eed"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 109988

GET
H/1.1 200
200 q Show response
ws-na.amazon-adsystem.com/widgets/ Frame 4350 14 KB
4 KB 327ms
103ms Document
text/html 52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B07N7PK9QK&asins=B07N7PK9QK&linkId=906fbc5bf051ce6dc9b19467bd0167b8&show_border=true&link_opens_in_new_window=true
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c0415527dbb6eebe1f03168848c499646fd2073fad08ce77c5d79d9bb61c8d72

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 3416
Content-Type: text/html;charset=UTF-8
Date: Tue, 18 Apr 2023 10:43:22 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

GET
H/1.1 200
200 q Show response
ws-na.amazon-adsystem.com/widgets/ Frame 2490 14 KB
4 KB 330ms
105ms Document
text/html 52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BF9GPRCB&asins=B0BF9GPRCB&linkId=367e3236925d75a89adf492434ed9b8c&show_border=false&link_opens_in_new_window=true
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: b9d23ceb37946ecb8e0b9f81f4507bddb7c788f954df5d352e1ecde2643d50d6

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 3373
Content-Type: text/html;charset=UTF-8
Date: Tue, 18 Apr 2023 10:43:22 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

GET
H/1.1 200
200 q Show response
ws-na.amazon-adsystem.com/widgets/ Frame C74B 14 KB
4 KB 328ms
104ms Document
text/html 52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BBKDMMB7&asins=B0BBKDMMB7&linkId=caad0566587b3d908c0926c7a3213e67&show_border=true&link_opens_in_new_window=true
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 493142d9a638ea11c76a6d057aefee45ebab3dff77afd834e77c194e52ddff75

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 3395
Content-Type: text/html;charset=UTF-8
Date: Tue, 18 Apr 2023 10:43:22 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

GET
H/1.1 200
OK mobile-bg.jpg
all-news.co/wp-content/uploads/2023/01/ 43 KB
43 KB 34ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Tue, 10 Jan 2023 16:25:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "abd5-5f1eb56bff015"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43989

GET
H/1.1 200
OK newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 34ms
34ms Font
application/font-woff 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "82d0-5f71c14ef1057"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33488

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 82ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 31330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 103ms
52ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 114ms
66ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 31330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 133ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95e4e392cc14ceca1448db3f32c0bb5d6dfdf05020c955f5492909eb7e6a6dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118931
x-xss-protection: 0
server: cafe
etag: 15663819181665246814
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/ Frame 4714 10 KB
5 KB 82ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 15460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 06:25:42 GMT
etag: 2378337311435320485
expires: Tue, 02 May 2023 06:25:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 4350 1 KB
2 KB 110ms
22ms Image
image/png 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B07N7PK9QK&asins=B07N7PK9QK&linkId=906fbc5bf051ce6dc9b19467bd0167b8&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 01:33:35 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1415387
x-cache: Hit from cloudfront
content-length: 1427
last-modified: Thu, 15 Dec 2022 12:11:39 GMT
server: Server
etag: "593-5efdcc15d66ed"
vary: Accept-Encoding
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: yYQSP2GF8IHvOiDQqwA41ehrjSRCbSyN87EnYCyl8BSNEGKA3HfumA==
expires: Sun, 09 Apr 2023 01:33:35 GMT

GET
H2 200 413jhqxM45L._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 4350 1 KB
2 KB 136ms
26ms Image
image/jpeg 2600:9000:225e:6800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/413jhqxM45L._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B07N7PK9QK&asins=B07N7PK9QK&linkId=906fbc5bf051ce6dc9b19467bd0167b8&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e18444f26e7ab6cccc58eed5d7cfb5074d7ad4ed55bba3bbeb9e5b212d653c60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:31:21 GMT
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1822321
edge-cache-tag: x-cache-086,/images/I/413jhqxM45L
x-cache: Hit from cloudfront
x-nginx-cache-status: HIT
content-length: 1381
surrogate-key: x-cache-086 /images/I/413jhqxM45L
last-modified: Mon, 13 Feb 2023 01:15:58 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: b4faf0b6-2071-48c9-81cb-2ebc56f20074
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: j4vS5y1TLHjJAIPc9ezjtlv7As7gVrgM-dgsIet_BBkNwvqfFaKPgA==
expires: Sun, 22 Mar 2043 13:45:47 GMT

GET
H2 200 prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 4350 3 KB
4 KB 100ms
25ms Image
image/png 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B07N7PK9QK&asins=B07N7PK9QK&linkId=906fbc5bf051ce6dc9b19467bd0167b8&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 04:28:39 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 20:13:09 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 1750483
etag: "d1d-5f7fb7cfb199c"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3357
x-amz-cf-id: Rsw9kURRGL453bDldNArsxcheZ5RM21OBKHvWrOymzHQ4XaAvgVW2A==
expires: Wed, 05 Apr 2023 04:28:39 GMT

GET
H2 200 a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame C74B 1 KB
2 KB 104ms
23ms Image
image/png 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BBKDMMB7&asins=B0BBKDMMB7&linkId=caad0566587b3d908c0926c7a3213e67&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 01:33:35 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1415387
x-cache: Hit from cloudfront
content-length: 1427
last-modified: Thu, 15 Dec 2022 12:11:39 GMT
server: Server
etag: "593-5efdcc15d66ed"
vary: Accept-Encoding
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 1rNKvmQP91pl_pZxiW8I9KKk1om1L3XFLFYmrzVZW63DG6gkK7NcOw==
expires: Sun, 09 Apr 2023 01:33:35 GMT

GET
H2 200 31eIAYn9FcL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame C74B 1 KB
2 KB 130ms
27ms Image
image/jpeg 2600:9000:225e:6800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/31eIAYn9FcL._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BBKDMMB7&asins=B0BBKDMMB7&linkId=caad0566587b3d908c0926c7a3213e67&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 17edef99bef680cc1c32e746657d7687fdc5fb9d195994300c2902983f948c8f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 04:46:34 GMT
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 799008
edge-cache-tag: x-cache-456,/images/I/31eIAYn9FcL
x-cache: Hit from cloudfront
x-nginx-cache-status: HIT
content-length: 1125
surrogate-key: x-cache-456 /images/I/31eIAYn9FcL
last-modified: Fri, 30 Sep 2022 03:40:07 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: c25851c7-5dab-4681-8c84-e59dcce9dae1
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: lmcFOkmleZcbTnfcMCjjyAVdha2iK-FhOfmAwf68QEXr4Q4nvJN_Mg==
expires: Sat, 04 Apr 2043 03:01:50 GMT

GET
H2 200 prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame C74B 3 KB
4 KB 96ms
26ms Image
image/png 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BBKDMMB7&asins=B0BBKDMMB7&linkId=caad0566587b3d908c0926c7a3213e67&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 04:28:39 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 20:13:09 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 1750483
etag: "d1d-5f7fb7cfb199c"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3357
x-amz-cf-id: PvhOeRgJNJRBRAX8dwRIrh3yKQd9HIufAar5ryMmZL5cxKQv_pl-7A==
expires: Wed, 05 Apr 2023 04:28:39 GMT

GET
H2 200 a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 2490 1 KB
2 KB 99ms
23ms Image
image/png 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BF9GPRCB&asins=B0BF9GPRCB&linkId=367e3236925d75a89adf492434ed9b8c&show_border=false&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 01:33:35 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1415387
x-cache: Hit from cloudfront
content-length: 1427
last-modified: Thu, 15 Dec 2022 12:11:39 GMT
server: Server
etag: "593-5efdcc15d66ed"
vary: Accept-Encoding
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: lKogNEQBROhUiTp0zwC9Cg2qZ0VbvL99N1_XXgfroS9LxPqMvtThiw==
expires: Sun, 09 Apr 2023 01:33:35 GMT

GET
H2 200 31WNihldpzL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 2490 2 KB
2 KB 126ms
28ms Image
image/jpeg 2600:9000:225e:6800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/31WNihldpzL._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BF9GPRCB&asins=B0BF9GPRCB&linkId=367e3236925d75a89adf492434ed9b8c&show_border=false&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 7d78fea6c0a61aa98a97771861496949e3e8a0b3e736e898777116d99e91988f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 04:46:34 GMT
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 799008
edge-cache-tag: x-cache-223,/images/I/31WNihldpzL
x-cache: Hit from cloudfront
x-nginx-cache-status: HIT
content-length: 1625
surrogate-key: x-cache-223 /images/I/31WNihldpzL
last-modified: Mon, 14 Nov 2022 18:20:44 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 0d3a68b0-324c-47df-9d33-f0f61be80bc4
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: Vb8CTRvlCLqcLEE8m7ohU8UTJk3RETn_AvScQI9gne9-CrDFyA4F-Q==
expires: Sat, 04 Apr 2043 03:00:39 GMT

GET
H2 200 prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 2490 3 KB
4 KB 93ms
27ms Image
image/png 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BF9GPRCB&asins=B0BF9GPRCB&linkId=367e3236925d75a89adf492434ed9b8c&show_border=false&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 04:28:39 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 20:13:09 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 1750483
etag: "d1d-5f7fb7cfb199c"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3357
x-amz-cf-id: Cl7wxOvagwwcqUweVCyyepVV8B0PuIaE3XthSjyABzuhZmj9DuOqdA==
expires: Wed, 05 Apr 2023 04:28:39 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 4350 43 B
200 B 308ms
99ms Image
image/gif 52.94.237.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1681814602205&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22health0b30-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fall-news.co%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B07N7PK9QK&asins=B07N7PK9QK&linkId=906fbc5bf051ce6dc9b19467bd0167b8&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
x-amzn-RequestId: 08cffedf-b383-4144-bc7e-d0c48cf68287
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 4350 341 B
713 B 97ms
25ms Image
image/gif 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B07N7PK9QK&asins=B07N7PK9QK&linkId=906fbc5bf051ce6dc9b19467bd0167b8&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 03:23:54 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
last-modified: Sat, 10 Sep 2022 12:00:38 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 2272768
etag: "155-5e8516934f3ce"
x-cache: Hit from cloudfront
content-type: image/gif
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 341
x-amz-cf-id: T_7eUldEJFcb5DELVT3E7ABH-WdvlsjyyRlYPMmNbn9QBDWEV_Pqlw==
expires: Thu, 30 Mar 2023 03:23:54 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame C74B 43 B
200 B 308ms
101ms Image
image/gif 52.94.237.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1681814602210&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22health0b30-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fall-news.co%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BBKDMMB7&asins=B0BBKDMMB7&linkId=caad0566587b3d908c0926c7a3213e67&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
x-amzn-RequestId: 5b2a9bd0-e7b6-4876-85b8-045cefd07bb2
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 2490 43 B
200 B 313ms
103ms Image
image/gif 52.94.237.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1681814602213&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22health0b30-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fall-news.co%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BF9GPRCB&asins=B0BF9GPRCB&linkId=367e3236925d75a89adf492434ed9b8c&show_border=false&link_opens_in_new_window=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
x-amzn-RequestId: 0881b69b-991a-4eca-83bb-36b374cc37ec
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame C74B 341 B
712 B 91ms
28ms Image
image/gif 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BBKDMMB7&asins=B0BBKDMMB7&linkId=caad0566587b3d908c0926c7a3213e67&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 03:23:54 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
last-modified: Sat, 10 Sep 2022 12:00:38 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 2272768
etag: "155-5e8516934f3ce"
x-cache: Hit from cloudfront
content-type: image/gif
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 341
x-amz-cf-id: PmJIAyuENo0gjINhBDpFS_x3x_Thk4UC4Evkc6XeR-wW1Ie8rnAr2w==
expires: Thu, 30 Mar 2023 03:23:54 GMT

GET
H2 200 cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 2490 341 B
713 B 105ms
43ms Image
image/gif 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B0BF9GPRCB&asins=B0BF9GPRCB&linkId=367e3236925d75a89adf492434ed9b8c&show_border=false&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 03:23:54 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
last-modified: Sat, 10 Sep 2022 12:00:38 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 2272768
etag: "155-5e8516934f3ce"
x-cache: Hit from cloudfront
content-type: image/gif
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 341
x-amz-cf-id: wa5vvWtbL0MEiPN6sYpQhREZxV0zj5eOkdWefDmrlqmXQd7jIJUZYw==
expires: Thu, 30 Mar 2023 03:23:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
605 B 92ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

907c75a67c40695afaa4e6cf64d178000ce40c967640a6b2eb9b7b53807dfc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
531 B 121ms
34ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 90ms
33ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 70D3 476 KB
82 KB 1103ms
1102ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1681814602&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814602020&bpp=7&bdt=422&idt=293&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8747767644896&frm=20&pv=2&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&pvsid=3008958241035527&tmod=1839741348&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbcb045d07c818a5c3d8129dae01a164d0c08f24309d036232e755b78856b05b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 83512
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:23 GMT
expires: Tue, 18 Apr 2023 10:43:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
200 q Show response
ws-na.amazon-adsystem.com/widgets/ Frame 9AC9 14 KB
4 KB 304ms
103ms Document
text/html 52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: be49950bb233dedd525e7fe74d73334cf81440f0ae6834246082253bc427b8fe

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 3396
Content-Type: text/html;charset=UTF-8
Date: Tue, 18 Apr 2023 10:43:22 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d94ca4527129dcc614dfd54573ee4f338f9a8936c4a3cb62c52d6858a3e0d9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48093
x-xss-protection: 0
server: cafe
etag: 3108427695732011881
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:22 GMT

GET
H/1.1 200
OK elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
5 KB 34ms
34ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:22 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "10fc-5f71c154f3165"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4348

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 369E 86 KB
32 KB 512ms
512ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1681814602&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814602400&bpp=25&bdt=802&idt=25&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&pvsid=3008958241035527&tmod=1839741348&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=c9CbvahYUC&p=https%3A//all-news.co&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

052aeff997a661ee5c12b4da9286a678d0f0fb08c1eefd00f25fe04d410575d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32597
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:22 GMT
expires: Tue, 18 Apr 2023 10:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK underscore.min.js Show response
all-news.co/wp-includes/js/ 18 KB
19 KB 37ms
37ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:22 GMT
Last-Modified: Tue, 27 Sep 2022 15:18:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4991-5e9aa27ccd240"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18833

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
6 KB 35ms
35ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:22 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "14e2-5f71c15becb55"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5346

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 301 KB
301 KB 34ms
33ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:22 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4b207-5f71c154f160d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 307719

GET
H/1.1 200
OK comment-reply.min.js Show response
all-news.co/wp-includes/js/ 3 KB
3 KB 34ms
34ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/comment-reply.min.js?ver=6.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:22 GMT
Last-Modified: Fri, 08 Apr 2022 20:07:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "ba5-5dc2a2438e980"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2981

GET
H/1.1 200
OK js_files_for_front.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 185 KB
185 KB 35ms
34ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:22 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2e345-5f71c15becf3d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 189253

GET
H/1.1 200
OK footer_bg.jpg
all-news.co/wp-content/uploads/2023/01/ 105 KB
105 KB 34ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:22 GMT
Last-Modified: Tue, 10 Jan 2023 16:25:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1a481-5f1eb56835892"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 107649

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:14 GMT
x-content-type-options: nosniff
age: 668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:14 GMT

GET
H2 200 a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 9AC9 1 KB
2 KB 22ms
22ms Image
image/png 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 01:33:35 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1415387
x-cache: Hit from cloudfront
content-length: 1427
last-modified: Thu, 15 Dec 2022 12:11:39 GMT
server: Server
etag: "593-5efdcc15d66ed"
vary: Accept-Encoding
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: UHaPIRNU_Cu25GKQ3iL526HHGz-eCQsA0kcJopepxawwka1GtU-N9A==
expires: Sun, 09 Apr 2023 01:33:35 GMT

GET
H2 200 41-rSOtoD6L._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 9AC9 3 KB
3 KB 27ms
27ms Image
image/jpeg 2600:9000:225e:6800:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41-rSOtoD6L._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6800:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6c711e7939187c82f8ee963b72e8d9bb34338ee60be229dd0417527f57a1e8a1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:06:37 GMT
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1136205
edge-cache-tag: x-cache-918,/images/I/41-rSOtoD6L
x-cache: Hit from cloudfront
x-nginx-cache-status: MISS
content-length: 2593
surrogate-key: x-cache-918 /images/I/41-rSOtoD6L
last-modified: Tue, 15 Nov 2022 01:42:51 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 3afe2f61-b3aa-4fb1-bf7b-7e8c70c6090a
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: dz-FpGR98UlSmwZFR8_5kRVkxpPcCEb8F14nx7JoBE3gocnC1ILEbQ==
expires: Tue, 31 Mar 2043 07:06:37 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 9AC9 43 B
200 B 104ms
103ms Image
image/gif 52.94.237.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1681814602712&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22health0b30-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fall-news.co%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:21 GMT
x-amzn-RequestId: aaf6da47-9af5-4b04-823a-f84353a9617c
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 9AC9 341 B
713 B 23ms
22ms Image
image/gif 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 03:23:54 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
last-modified: Sat, 10 Sep 2022 12:00:38 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 2272768
etag: "155-5e8516934f3ce"
x-cache: Hit from cloudfront
content-type: image/gif
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 341
x-amz-cf-id: 8B2QddnaEL424zqXWYGqDg8YEHxBYWTBUJaPC97jKjn3X84pp94z4w==
expires: Thu, 30 Mar 2023 03:23:54 GMT

GET
H2 200 2566309358710998756
tpc.googlesyndication.com/daca_images/simgad/ Frame 369E 100 KB
101 KB 110ms
53ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2566309358710998756

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1681814602&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814602400&bpp=25&bdt=802&idt=25&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&pvsid=3008958241035527&tmod=1839741348&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=c9CbvahYUC&p=https%3A//all-news.co&dtd=29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59ce7ea08005afe7ad99ef17ca8ef9f2e85e20d8a61f253cb9644d0eaa3af91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 17:48:31 GMT
x-content-type-options: nosniff
age: 147292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102720
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 09:34:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Apr 2024 17:48:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame 369E 22 KB
9 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:08:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 369E 3 KB
1 KB 102ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 369E 20 KB
8 KB 79ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 369E 159 KB
49 KB 91ms
35ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:23 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 369E 33 KB
13 KB 83ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13518
x-xss-protection: 0
server: cafe
etag: 3101116608242260287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:31:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 369E 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CO9L1SnQ-ZJWIH4OkhAX4uaS4B762-L1v5aGV_5AR-6H89dU1EAEgzNPsggFg-wGgAYGhpLkoyAECqAMByAPJBKoEwwFP0LnAC7F-siPT2w7lOUvDiGIAe4qrgW0Qcb0B2BSheVWW86ZNYsf2KI28fIiJexCZwmqEbL1ZDFZu2NGmSpYP3Ng2NTP4KHdhBHztx5Mje6a0CyRPfuWwpLK3VDcnxR88WznrBgk2n4njdypuxHuuXk-2gDDWdxHq_0fvCBFr7qiCGl9BOqU_zjtvd2EsIeSJaqFHqmPQt5cNp-QvWLmbsmjD6s7P4WlLfc_JahJpenp34-G_xC2z5zjC_sLv-VWMCqjABPHFq-KbBJIFBAgEGAGSBQQIBRgEoAYCgAeB2fSYA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEODxAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=dFd3MhkVM_8&uach_m=[UACH]&cid=CAQSGwBygQiDVNQDqA2A81YfkmFKlajrqGrigMwo7BgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1681814602&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814602400&bpp=25&bdt=802&idt=25&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&pvsid=3008958241035527&tmod=1839741348&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=c9CbvahYUC&p=https%3A//all-news.co&dtd=29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 10:43:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Apr 2023 10:43:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9D20 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1681814602&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814602400&bpp=25&bdt=802&idt=25&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&pvsid=3008958241035527&tmod=1839741348&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=c9CbvahYUC&p=https%3A//all-news.co&dtd=29
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 09:56:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 369E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c33d2b3fdd0df6b009b984bb9c6a16d2c3c624c772e4f4362a1f2fc73c9c7e0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9D20
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
45ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:23 GMT
expires: Tue, 18 Apr 2023 10:43:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 587F 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 11:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 11:14:14 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f43ef8895064453530c715887da4cd1714b270f867a7147bd74455b62763704c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52059
x-xss-protection: 0
server: cafe
etag: 2168061243090406669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 35ms
34ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 34ms
33ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9494 32 KB
13 KB 859ms
858ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280&nras=2&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i8hTFJMrV5&p=https%3A//all-news.co&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d28f17021f343dc11e3ef559e83aa10c5797ae91e9235a5409c2613ee8c3de4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12961
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E750 32 KB
13 KB 618ms
617ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=232326213&adf=745126324&pi=t.aa~a.2369760627~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=zfPAqqLZJh&p=https%3A//all-news.co&dtd=38

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2dfcbfa434f2c9f633e38e914d0398d9b9f2033e70bd2e0c696d959e8ae90db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7732 32 KB
13 KB 1606ms
1605ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3214185842&pi=t.aa~a.3633464688~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=4&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yKBgPIBr15&p=https%3A//all-news.co&dtd=49

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82c6cff4996c575f0df00e849848f266fc6017c19eafce9f8b621d8f1fe5de2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13036
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
33ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/ Frame AD7C 10 KB
4 KB 103ms
102ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:23 GMT
etag: 2378337311435320485
expires: Tue, 02 May 2023 10:43:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/ Frame EEA1 10 KB
4 KB 203ms
203ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:23 GMT
etag: 2378337311435320485
expires: Tue, 02 May 2023 10:43:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/ Frame 8A04 10 KB
4 KB 309ms
309ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
etag: 2378337311435320485
expires: Tue, 02 May 2023 10:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/ Frame 5A08 10 KB
4 KB 417ms
417ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
etag: 2378337311435320485
expires: Tue, 02 May 2023 10:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame AD7C 4 KB
728 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 09:09:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Apr 2023 10:43:23 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD7C 205 B
650 B 81ms
24ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:33:13 GMT
x-content-type-options: nosniff
age: 29410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Apr 2024 02:33:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD7C 604 B
694 B 82ms
25ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:20:30 GMT
x-content-type-options: nosniff
age: 1373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Apr 2024 10:20:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/ Frame AD7C 19 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:23:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 659A 8 KB
966 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 09:24:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Apr 2023 10:43:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 659A 2 KB
846 B 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 18:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 18:48:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame 659A 22 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:08:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 659A 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 659A 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 659A 159 KB
49 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:23 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 659A 32 KB
14 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:17:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6EE2 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 09:56:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame EEA1 22 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:08:18 GMT

GET
H3 200 6413799827208162797
tpc.googlesyndication.com/daca_images/simgad/ Frame EEA1 53 KB
53 KB 27ms
27ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6413799827208162797

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcf3e6e4a35cb94185171bc176fb842b2e9a8e1d82c1b52f2e3b2f19f1ee98b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 21:28:29 GMT
x-content-type-options: nosniff
age: 220495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54731
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:00:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 21:28:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame EEA1 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame EEA1 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEA1 159 KB
49 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:24 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame EEA1 33 KB
13 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13518
x-xss-protection: 0
server: cafe
etag: 3101116608242260287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:31:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8A04 8 KB
893 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 10:29:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Apr 2023 10:43:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 8A04 2 KB
765 B 46ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 18:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 18:48:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame 8A04 22 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:08:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 8A04 3 KB
1 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 8A04 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A04 159 KB
49 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:24 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 8A04 32 KB
13 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:17:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6EE2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
35ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
expires: Tue, 18 Apr 2023 10:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8e3adedd6f76ceb5825dd9d6f211c14b.js Show response
www.gstatic.com/mysidia/ Frame 5A08 9 KB
4 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:17:33 GMT

GET
H2 200 3948120a15a578e7f932062966c168f5.js Show response
www.gstatic.com/mysidia/ Frame 5A08 10 KB
4 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3948120a15a578e7f932062966c168f5.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58ec48d4b2f76f2e63e163a7292d6cf6fe8daee7e4e660dce65eacea9ebf8c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4226
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:18:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5A08 8 KB
893 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 09:09:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Apr 2023 10:43:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5A08 2 KB
765 B 30ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 18:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 18:48:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame 5A08 22 KB
9 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:08:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5A08 3 KB
1 KB 33ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5A08 20 KB
8 KB 32ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A08 159 KB
49 KB 61ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:24 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 5A08 32 KB
13 KB 30ms
25ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:17:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB19 143 B
166 B 26ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 09:56:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6152079676203314377/ Frame 5A08 980 B
1007 B 30ms
30ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6152079676203314377/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7a20b40611c3c0cfbfac244061d7d5b79db8b6c9b78ed43ec11c0d952a7378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:40:46 GMT
x-content-type-options: nosniff
age: 280958
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 980
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 13:00:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 04:40:46 GMT

GET
DATA 200
OK truncated
/ Frame EEA1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 382678c90850780ce23f727f52331a6c3a6ac88747399ec75e8002c96d9781b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16313547548608985189/ Frame 8A04 10 KB
10 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16313547548608985189/14763004658117789537?w=400&h=209

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d35a7ea582a6f23d9f8167a3174d8f0a59c61229ad7195ba8ab78eedb8844f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 07:08:28 GMT
x-content-type-options: nosniff
age: 12896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10482
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 07:23:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Apr 2024 07:08:28 GMT

GET
DATA 200
OK truncated
/ Frame 8A04 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8A04 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8A04 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2422b40e621f2c9205f40f6f3227e2472391af93be84bba302a9dbc6efe18786

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5A08 0
0 71ms
70ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co3JCSnQ-ZKOdHKH7hAbe6JmoCNy5wIpwz9vs3qURzNr2mP4OEAEgzNPsggFg-wGgAaGV8u0CyAEBqQJPxyfSzVmyPqgDAaoEwAFP0HVnnTOknidHPITcAjpj2FCrOfGkmgNTWldz2a1dH76ClhFRKxD-4hBUKIjNv21r0eG_QM6j-mj7n7IdsIn_Vdn3nUvBfVTeYvpoTBokKQsqMzOH5lc71CG-61TXlDD1gfrB-FNGa4bsvlIoY8C0R1y1XRFdnJRYD_N8Z7VLuvud05fquhMVzLPKiUuAqp0mK5MYUK2rW3YTu56VxEuR7zlwqGVhbVc-PoO_XQh3gH2Sv2-oYVn-weFrhFLnSJzABNe74JGpBJIFBAgEGAGSBQQIBRgEgAfH6o2SAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEImMCtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMO0BUBmBYBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=rUTzdtezic8&uach_m=[UACH]&cid=CAQSGwBygQiDWIqDsEBbJKVjQQexEcWByai-ErCBghgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D703 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 09:56:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EEB6 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgb4tS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLIBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE1KnSJeQUFvoC4bMtaETeblh1PcDvy7QAnylz9aW-4mC1TABQZil4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=8zWd6k5-u4M&uach_m=[UACH]&cid=CAQSOwBygQiDocK238-DK1-AwA_dJ1UVmuNsicthuSfJIWbuzvem2QRRNHM2HnWTVskmbgITMAtCoO_c7wNfGAE

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=232326213&adf=745126324&pi=t.aa~a.2369760627~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=zfPAqqLZJh&p=https%3A//all-news.co&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EEB6 0
0 77ms
25ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kd9mfve06xh5r1eb32s5e3xh5q265hrd1828n9sepz2vzwp7sgd3yag2whpmmsvp9e1c2kmj1zw61fhdc6va7yz9fzh0t788msgnf5b20h60w24bx4ndp8dpv69gd6fr46dwvj3avh4ypdn1r08gj8pbc53t0bncgkq7d9d9yx7m9hwg7ng5w56phzbjsfh6tkyg7nxw8mt39w7tzt9j4w43jchz9g1gma9gz2z2kzdvq75btqee5fmt5syyfwfr04k87e8wknhfj9ek03q8ampv25y7m4cv50dnt4n4tafy73cbnk2h2x4w50vdnqjfy20nmv6av3jeeak81ag1qhkfdyyh4k51bywbf1a7mms4068y2s3f3pmxwhh7v94t7fy3z3q1787ghkn&b=ZD50SwALsE4KwSqhAASpZ2NN2X0xYqppkwfadg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Apr 2023 10:43:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 8815 2 KB
2 KB 91ms
41ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jkb5r8tbpnndgjxd3y90tvk701zases8b14rsa3f3py37mab7g1x7q7heyqhtc1xwg9a0z7dcg8wr2as8cbs1wm2qw47g5ps20yreh3zasr7g3kp6r82hxn4mkejxe8daftz2kt8b9wvt2f63dyrmb3b6qnc9gxsfhfnhhah56tvktks2sfvx9rkqn3dz7x748wn5s287r5sthkd7qjpx87tc9nfps8y8c0rkmbbaf9edpc5c49exse5sgpks55m9bfbve88p3py7ga8hr92hn8f1qntdqdbxhcfyj71ewn2dg2wvzcj369yqxhetb2pdhejqqa315e4vdzk4sz95r3b601750bshz0s3p26y8mrcjfzga11cn4psxmdgqxb8cpej23s7m2nvsfgt86rgg2y926ke61ynyptxq4xsbbdgh58ydy821wne2sv8kby471q7rhfq1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%26client%3Dca-pub-8439024877331049%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=232326213&adf=745126324&pi=t.aa~a.2369760627~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=zfPAqqLZJh&p=https%3A//all-news.co&dtd=38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b53b878d85deddba8c6437a20209c5db96d5d669cc4462d4d5b48b8cedb7b9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e7dfb8199cc-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame EEB6 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 335A 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:08:36 GMT
etag: 48472445140208031
expires: Wed, 19 Apr 2023 10:08:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame EEB6 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEB6 159 KB
49 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:24 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB19
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
42ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
expires: Tue, 18 Apr 2023 10:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F527 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 11:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 11:14:14 GMT

GET
DATA 200
OK truncated
/ Frame 5A08 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc1ed4f62794ad5927220d9e6b4e11d69ba7e4b0c4b0f511bf70ce3702d99d0b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EEA1 0
19 B 74ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C__xPSnQ-ZKGdHKH7hAbe6JmoCL62-L1vovnh4LAR-6H89dU1EAEgzNPsggFg-wGgAYGhpLkoyAECqAMByAPJBKoEyAFP0HZZ9BujTTIIU1ogEl1cipU4yVw0IVd2W4AxeZcvXHRHU2TosYDAYm6V7XYJb5ZqaNNpeJj2aV7IffjdJUwGAwL-d7GFTpoHCN1S5BKbKlLiFfQ37ehqdg-JaDJMji1Tuyb63WWxVh4zcPbJTznGmhppaDIwESkhxn9u_5ILCBiENxsXxDWyh2nauXp-g2OjmRKvdj4ck70_2vhsfhww81kTYlSFQQF8Npc8lStg9yO18HudBphhfWvtzpTKModQ2Klc7Tb1ScAE8cWr4psEkgUECAQYAZIFBAgFGASgBgKAB4HZ9JgDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2aED0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=FIDp38a_2n0&uach_m=[UACH]&cid=CAQSGwBygQiDWIqDsEBbJKVjQQexEcWByai-ErCBghgB&vis=1

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 05BF 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 11:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 11:14:14 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A04 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=62&version=r20230413&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A04 0
19 B 71ms
68ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ccx-dSnQ-ZKKdHKH7hAbe6JmoCL-G7_Fv97L1m40R4sa5vsM4EAEgzNPsggFg-wGgAbrfm_kDyAEJqAMByAPLBKoEvgFP0OKEV1PPvexNg3x1_8XNfwGPJfQsFfnXyhLmn7pZvXr1WyGS_YFqZWa-fWQuePA1OkrTQhm6BtLfj8mRADAajCJtHQcM5zsQTYhK6hIoRS2kKZUmoGTKmI_RR8pQvOQ1bjvrt5O4j4W_2f-GB7oPZkjlBIEiGDwmirzuJunHNrCiRYOyavbC3tIVZTc4mRpQWrENWNLDuh7oMIqZjqNUkuy66SA5b8_-K7utDuiwoHB0hl_w5cgjvjEg2ogxwAS_1-ejqwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzYP40gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD6hQLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=cg9leuT7LuI&uach_m=[UACH]&cid=CAQSGwBygQiDWIqDsEBbJKVjQQexEcWByai-ErCBghgB&template_id=5000&vis=1

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 335A 35 B
465 B 93ms
27ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOH_DPRxmGJdErWxtnZaHEc&google_cver=1&google_push=Aer7DvI-VpYx6r7hoCynho4SY5b_JWYtglloESH72a6vJSCdMLe9kV_YYapKSsMP6xN4gQpIQ_mhTbKWX3TCwlXqIxkXwoclWxl_I28QUVu7iM6rYDb6r5Xu4vdxiQr08ApbDkm3xy2SXee9c-cHahydsSiZZw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 335A
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEMk8MjEinNMpgkSPInAT24E&google_cver=1&google_push=Aer7DvKzO5FE0JxnOYiVdzlDiSgc1j49OdAcMXu5SoSdxfHly2oi5TPvJimyIErs-F6kr_JkEZhFfb5Oq4l6qzUqoNGU36hha5X-m...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvKzO5FE0JxnOYiVdzlDiSgc1j49OdAcMXu5SoSdxfHly2oi5TPvJimyIErs-F6kr_JkEZhFfb5Oq4l6qzUqoNGU36hha5X-mqMi0nickg7iLrqYqofnNU8U9DBi5-rK...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvKzO5FE0JxnOYiVdzlDiSgc1j49OdAcMXu5SoSdxfHly2oi5TPvJimyIErs-F6kr_JkEZhFfb5Oq4l6qzUqoNGU36hha5X-mqMi0nickg7iLrqYqofnNU8U9DBi5-rKEIVnEnNA6JzzfptRcahySq0f1lg&google_hm=Q0FFU0VNazhNakVpbk5NcGdrU1BJbkFUMjRF

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Apr 2023 10:43:23 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvKzO5FE0JxnOYiVdzlDiSgc1j49OdAcMXu5SoSdxfHly2oi5TPvJimyIErs-F6kr_JkEZhFfb5Oq4l6qzUqoNGU36hha5X-mqMi0nickg7iLrqYqofnNU8U9DBi5-rKEIVnEnNA6JzzfptRcahySq0f1lg&google_hm=Q0FFU0VNazhNakVpbk5NcGdrU1BJbkFUMjRF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 335A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGksZpuKduLIO7xokZCQr9o&google_cver=1&google_push=Aer7DvJ3cKq9IbOB4P-BcJ_GQNGDfKNos9xOTZp2bJa_hbP4tDeeI3d_LY1UMRkMGSgqkOdd6_mzgRZj...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGksZpuKduLIO7xokZCQr9o&google_cver=1&google_push=Aer7DvJ3cKq9IbOB4P-BcJ_GQNGDfKNos9xOTZp2bJa_hbP4tDeeI3d_LY1UMRkMGSgqkOdd6_m...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvJ3cKq9IbOB4P-BcJ_GQNGDfKNos9xOTZp2bJa_hbP4tDeeI3d_LY1UMRkMGSgqkOdd6_mzgR...

170 B
188 B

40ms
37ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvJ3cKq9IbOB4P-BcJ_GQNGDfKNos9xOTZp2bJa_hbP4tDeeI3d_LY1UMRkMGSgqkOdd6_mzgRZjVYMSyNHqFaD_eWtTqmKyJl4MRPqhLGu4Zw6pgXEMoVOTKPnOT1tocTQVK59ogLTmHscLZZg9h-TBMCs

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvJ3cKq9IbOB4P-BcJ_GQNGDfKNos9xOTZp2bJa_hbP4tDeeI3d_LY1UMRkMGSgqkOdd6_mzgRZjVYMSyNHqFaD_eWtTqmKyJl4MRPqhLGu4Zw6pgXEMoVOTKPnOT1tocTQVK59ogLTmHscLZZg9h-TBMCs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 335A 43 B
297 B 413ms
22ms Image
image/gif 2a05:d01c:1d8:8100:7781:4495:ac65:b0a4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOdi2QtDgtY9IQKZEwlK16c&google_cver=1&google_push=Aer7DvJlcZ_sCp1t7zETk_sVmmJrRg1DtNja1jwQYSGqEeKqZbohfvC_ZqqRUikt_4b5NIX36rcYR2YS1Et3smmQfD4yq7ily5KdBAEe6Gs6OPciWtxy8UfmQuYFn2F3odrpmAdzzFvyC_9Eo057na9ExS0Cnw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=232326213&adf=745126324&pi=t.aa~a.2369760627~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=zfPAqqLZJh&p=https%3A//all-news.co&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:7781:4495:ac65:b0a4 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 335A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFubzuFm_iUVGG-0wf2z6ZE&google_cver=1&google_push=Aer7DvLJA0c1G2DW1DNzxmV4pOJLYWbUpxyD0Ks5Wp71nRMjiKdAh6Np1SSzZLmWBRF8gWq8ehbfjxlo_LmZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLJA0c1G2DW1DNzxmV4pOJLYWbUpxyD0Ks5Wp71nRMjiKdAh6Np1SSzZLmWBRF8gWq8ehbfjxlo_LmZImpJVZ5aEiCOpOVREvEwwHUlyMoxcYTrRip8...

170 B
329 B

36ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLJA0c1G2DW1DNzxmV4pOJLYWbUpxyD0Ks5Wp71nRMjiKdAh6Np1SSzZLmWBRF8gWq8ehbfjxlo_LmZImpJVZ5aEiCOpOVREvEwwHUlyMoxcYTrRip8Ba8ncXp_LwTyLJl8rgLleEgkqcXGsh9NI025Nbw

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLJA0c1G2DW1DNzxmV4pOJLYWbUpxyD0Ks5Wp71nRMjiKdAh6Np1SSzZLmWBRF8gWq8ehbfjxlo_LmZImpJVZ5aEiCOpOVREvEwwHUlyMoxcYTrRip8Ba8ncXp_LwTyLJl8rgLleEgkqcXGsh9NI025Nbw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 335A
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOTkraNvasOJZF18Q7msWc0&google_cver=1&google_push=Aer7DvIZN_7ZHCGu8yy84xdFlUDSTujTM0j_GeI8e7QLpTftgBcZOUx7Ix4-xkwK-0Ecv-mqvlOdAZdWRka8rc6YR_gJ_to...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvIZN_7ZHCGu8yy84xdFlUDSTujTM0j_GeI8e7QLpTftgBcZOUx7Ix4-xkwK-0Ecv-mqvlOdAZdWRka8rc6YR_gJ_to64axV0TZVAfntEfPt65lWXETKQU...

170 B
232 B

37ms
37ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvIZN_7ZHCGu8yy84xdFlUDSTujTM0j_GeI8e7QLpTftgBcZOUx7Ix4-xkwK-0Ecv-mqvlOdAZdWRka8rc6YR_gJ_to64axV0TZVAfntEfPt65lWXETKQUTb7BDw-GPHRn0q2S45VOvkBl0CKWEs6UBKIPz5&google_hm=ODkwNzE5NjU3MzY2NTI0MzE5Ng==

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvIZN_7ZHCGu8yy84xdFlUDSTujTM0j_GeI8e7QLpTftgBcZOUx7Ix4-xkwK-0Ecv-mqvlOdAZdWRka8rc6YR_gJ_to64axV0TZVAfntEfPt65lWXETKQUTb7BDw-GPHRn0q2S45VOvkBl0CKWEs6UBKIPz5&google_hm=ODkwNzE5NjU3MzY2NTI0MzE5Ng==
Date: Tue, 18 Apr 2023 10:43:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 335A
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEFxKwMi0tkVR7uxQEmVJP-s&google_cver=1&google_push=Aer7DvJotQr-klKjGKFepztZnCaaaXbHmo9HucGFu719Z1OipOh2pt0Vt7q4rMH9a_Pp-IgT52e_AyalWoGBk1u...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=WvVmlAel60ee5lEovlYE1Q&google_push=Aer7DvJotQr-klKjGKFepztZnCaaaXbHmo9HucGFu719Z1OipOh2pt0Vt7q4rMH9a_Pp-IgT52e_AyalWoGBk1uzc5jr-EAmm...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=WvVmlAel60ee5lEovlYE1Q&google_push=Aer7DvJotQr-klKjGKFepztZnCaaaXbHmo9HucGFu719Z1OipOh2pt0Vt7q4rMH9a_Pp-IgT52e_AyalWoGBk1uzc5jr-EAmmt4Xra8la4SsbIFg00HRtrrnoabmdtsku-LXup_hEXmGTkpBOvewCZsJEnnZtrmh

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=WvVmlAel60ee5lEovlYE1Q&google_push=Aer7DvJotQr-klKjGKFepztZnCaaaXbHmo9HucGFu719Z1OipOh2pt0Vt7q4rMH9a_Pp-IgT52e_AyalWoGBk1uzc5jr-EAmmt4Xra8la4SsbIFg00HRtrrnoabmdtsku-LXup_hEXmGTkpBOvewCZsJEnnZtrmh
Date: Tue, 18 Apr 2023 10:43:24 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 335A 0
139 B 111ms
33ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iztcb-zYOYbgqPXKnpq-6yyqjb3gm_KYbOUkzWONh3upDmRK12MT350K9JUBXP4VyuNcCOQJ8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D703
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
expires: Tue, 18 Apr 2023 10:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EEB6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bace2e8ecac5ad937e289ecab673d2cce6ef612bad0ba5b079de0560243c3ac4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 8815 94 KB
12 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jkb5r8tbpnndgjxd3y90tvk701zases8b14rsa3f3py37mab7g1x7q7heyqhtc1xwg9a0z7dcg8wr2as8cbs1wm2qw47g5ps20yreh3zasr7g3kp6r82hxn4mkejxe8daftz2kt8b9wvt2f63dyrmb3b6qnc9gxsfhfnhhah56tvktks2sfvx9rkqn3dz7x748wn5s287r5sthkd7qjpx87tc9nfps8y8c0rkmbbaf9edpc5c49exse5sgpks55m9bfbve88p3py7ga8hr92hn8f1qntdqdbxhcfyj71ewn2dg2wvzcj369yqxhetb2pdhejqqa315e4vdzk4sz95r3b601750bshz0s3p26y8mrcjfzga11cn4psxmdgqxb8cpej23s7m2nvsfgt86rgg2y926ke61ynyptxq4xsbbdgh58ydy821wne2sv8kby471q7rhfq1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jkb5r8tbpnndgjxd3y90tvk701zases8b14rsa3f3py37mab7g1x7q7heyqhtc1xwg9a0z7dcg8wr2as8cbs1wm2qw47g5ps20yreh3zasr7g3kp6r82hxn4mkejxe8daftz2kt8b9wvt2f63dyrmb3b6qnc9gxsfhfnhhah56tvktks2sfvx9rkqn3dz7x748wn5s287r5sthkd7qjpx87tc9nfps8y8c0rkmbbaf9edpc5c49exse5sgpks55m9bfbve88p3py7ga8hr92hn8f1qntdqdbxhcfyj71ewn2dg2wvzcj369yqxhetb2pdhejqqa315e4vdzk4sz95r3b601750bshz0s3p26y8mrcjfzga11cn4psxmdgqxb8cpej23s7m2nvsfgt86rgg2y926ke61ynyptxq4xsbbdgh58ydy821wne2sv8kby471q7rhfq1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 477305
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1W8ptvsP0zfPueypr7pdIV7geXSMBw0pox4m5M%2F8BVduf9aZAMFtcyry7edv1niLq64aa59daAuW7h1kAV%2FAg3FLiCROLOfkPkGgphroiknQbJVj8uvXFZp5By1uoZxxhcAYwnqwghQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b9c4e7f5caf99cc-CDG
expires: Tue, 18 Apr 2023 11:43:24 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 8815 25 KB
10 KB 38ms
27ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jkb5r8tbpnndgjxd3y90tvk701zases8b14rsa3f3py37mab7g1x7q7heyqhtc1xwg9a0z7dcg8wr2as8cbs1wm2qw47g5ps20yreh3zasr7g3kp6r82hxn4mkejxe8daftz2kt8b9wvt2f63dyrmb3b6qnc9gxsfhfnhhah56tvktks2sfvx9rkqn3dz7x748wn5s287r5sthkd7qjpx87tc9nfps8y8c0rkmbbaf9edpc5c49exse5sgpks55m9bfbve88p3py7ga8hr92hn8f1qntdqdbxhcfyj71ewn2dg2wvzcj369yqxhetb2pdhejqqa315e4vdzk4sz95r3b601750bshz0s3p26y8mrcjfzga11cn4psxmdgqxb8cpej23s7m2nvsfgt86rgg2y926ke61ynyptxq4xsbbdgh58ydy821wne2sv8kby471q7rhfq1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 486868
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPMv2px8tHOYZUr5zgsmSoOg1kpWk3ju0f9VhWEY4GsDIirdW4V1O%2BKhIycoRRqXUFN8alwck1Z5dbk4w9sVgYOuhuSaC6mTCcxDeivLBApVChSL1VPO62cFQFg9gGT9KWhK0YY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7b9c4e7f6cbe99cc-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Apr 2023 13:45:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6D5C 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM2RrS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgSyAU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qJhMcm6dHljycS59lrqOOgoUqIag6yhbjCXmBnoB1mFoYHHhLwbSABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=Lvg7lXv2adg&uach_m=[UACH]&cid=CAQSOwBygQiDwHJbdyRNmLwRak6v_X9gTidP27FFTyX-H2MWu9dXjDsY5HiZBVn91B2EGUUT7Ii9FhYymzIUGAE

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280&nras=2&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i8hTFJMrV5&p=https%3A//all-news.co&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 10:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6D5C 0
0 47ms
46ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kxse08hpp56qbj9cr5927410xt9ahv3j5atartypba3fd8y6zhtw64j113yp3nt5tk59k7qcj0bx04skn0sezbdk2sqqws9khqppat808shvamn7jkyp3beks4e0gcy64p2var5qxkrvyvm70y8mc2k47zm349bmpekp1xkdk07tkpstxvytn44graqv2bqj2psa9p0mzmygb1w1bm5qhk8xbj42c18zjwhxbdt14f2w5sg04wnqhv27at84sekdp3jdfwwkjtq33d7rrd1wycd6d554f6f5dw8921st8bdrjzn4de39xdcder78f7swm000xv0x0xzy04xz1cj3janx89eadsnnj2hp2kmzfv4q5e126rdpw23xefypbq44he0be3xj9j73e42&b=ZD50SwALBSEBy4UqAAz8V124CTPY_6-P05m8Ug
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Apr 2023 10:43:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 9905 2 KB
2 KB 44ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k4ekyryr6gccvs4n0mwq5nennsnk7htmeve1pjdb0s7tae200tjtje7xnh27cxy1k09a1qy0v52kevyg84hq9hy54r9jb0sb4e90d6y0fhmjxnyhm09eds70hfd6zehq3d437cq179n6jm0cyppy76vmrt9t8gke195sk84pvw1jhgrse8w8tbn9kcv0tsja334238yh4dt5q03pym9jy1taf4ftctg5wm1vzgwd08m39ecn0neex8dt9ptynbcptzeetn9ban8f3yzh64zd7ppttn5b8dfyazahj3crk7nh59w4a2qmz5etqpx3868c4gdnrf72e6rmfxrf0xxftr7djwb44z33brh1kwa8f3fvhv0hdhkch0j6zrm13vw0gxytbz95y15203nkadxynx0emwpk8yk3mphrscnkbnc803rd8d948gn3918sjkwfcbn6vt49mvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%26client%3Dca-pub-8439024877331049%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280&nras=2&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i8hTFJMrV5&p=https%3A//all-news.co&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4390f854512f2b29e3bc81d35572b75883f2a96ce0f146eca72d71ee3417d79e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e7fae310494-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:24 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 6D5C 3 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6FB5 1 KB
643 B 47ms
46ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:08:36 GMT
etag: 48472445140208031
expires: Wed, 19 Apr 2023 10:08:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 6D5C 20 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D5C 159 KB
49 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:24 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8815 3 KB
4 KB 215ms
27ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1571
x-guploader-uploadid: ADPycdvuf-G1KID1gkOkM-g2aJQOCL2viarMyjcOegz_B5dhIE0orE4Bm68NYO2LrAFlD-l4buI6hLfkiI43xVG_fC7Lmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7j3R6Ef6eTA%2FUFKrsW1S1l9ZYaFTha%2BsT3Udo78MepL67MvjNo%2FHhm66aNxCBmbZpNTWUUS%2FytY4IymeY8qSbqa3i4WL2wNBHIfTdDZWPm5LYI0Eik1563RotDA7jorIOyESbUzTsPHarcIYiYEJxFb"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7b9c4e80fd44d712-CDG
expires: Tue, 18 Apr 2023 11:17:13 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame FED6 2 KB
1 KB 40ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1264624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7b9c4e7ffe840494-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 18 Apr 2023 10:43:24 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErwRnhKIJOmAR1BMdiCaJOvx5hbp2YXsAhXjSAwSQgJZ4mO43vgoY2drqoiCYaJrxewo95qHkU%2Fg43MzPrnUCroEGRaT8hga3%2Fe%2BlQULXcjJ8i8nwbrtgeoBH7nxmH8cqx%2FyT1Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 9905 94 KB
12 KB 41ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k4ekyryr6gccvs4n0mwq5nennsnk7htmeve1pjdb0s7tae200tjtje7xnh27cxy1k09a1qy0v52kevyg84hq9hy54r9jb0sb4e90d6y0fhmjxnyhm09eds70hfd6zehq3d437cq179n6jm0cyppy76vmrt9t8gke195sk84pvw1jhgrse8w8tbn9kcv0tsja334238yh4dt5q03pym9jy1taf4ftctg5wm1vzgwd08m39ecn0neex8dt9ptynbcptzeetn9ban8f3yzh64zd7ppttn5b8dfyazahj3crk7nh59w4a2qmz5etqpx3868c4gdnrf72e6rmfxrf0xxftr7djwb44z33brh1kwa8f3fvhv0hdhkch0j6zrm13vw0gxytbz95y15203nkadxynx0emwpk8yk3mphrscnkbnc803rd8d948gn3918sjkwfcbn6vt49mvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k4ekyryr6gccvs4n0mwq5nennsnk7htmeve1pjdb0s7tae200tjtje7xnh27cxy1k09a1qy0v52kevyg84hq9hy54r9jb0sb4e90d6y0fhmjxnyhm09eds70hfd6zehq3d437cq179n6jm0cyppy76vmrt9t8gke195sk84pvw1jhgrse8w8tbn9kcv0tsja334238yh4dt5q03pym9jy1taf4ftctg5wm1vzgwd08m39ecn0neex8dt9ptynbcptzeetn9ban8f3yzh64zd7ppttn5b8dfyazahj3crk7nh59w4a2qmz5etqpx3868c4gdnrf72e6rmfxrf0xxftr7djwb44z33brh1kwa8f3fvhv0hdhkch0j6zrm13vw0gxytbz95y15203nkadxynx0emwpk8yk3mphrscnkbnc803rd8d948gn3918sjkwfcbn6vt49mvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 603523
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2CJ2%2Fx6YSMgKDnyChRbwC92rYiUxCJsqh2yQ8B1MitqARQ4HTJNd1vmrGx9lDSihIRJYw6Iv9r%2F0pSAiRrQEP2gglcW3OTlfgtghgvzmeAh6Nx%2B89mooGV%2BG9CZVeonW3PqjgET6YQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b9c4e7ffe8b0494-CDG
expires: Tue, 18 Apr 2023 11:43:24 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 9905 25 KB
10 KB 28ms
27ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k4ekyryr6gccvs4n0mwq5nennsnk7htmeve1pjdb0s7tae200tjtje7xnh27cxy1k09a1qy0v52kevyg84hq9hy54r9jb0sb4e90d6y0fhmjxnyhm09eds70hfd6zehq3d437cq179n6jm0cyppy76vmrt9t8gke195sk84pvw1jhgrse8w8tbn9kcv0tsja334238yh4dt5q03pym9jy1taf4ftctg5wm1vzgwd08m39ecn0neex8dt9ptynbcptzeetn9ban8f3yzh64zd7ppttn5b8dfyazahj3crk7nh59w4a2qmz5etqpx3868c4gdnrf72e6rmfxrf0xxftr7djwb44z33brh1kwa8f3fvhv0hdhkch0j6zrm13vw0gxytbz95y15203nkadxynx0emwpk8yk3mphrscnkbnc803rd8d948gn3918sjkwfcbn6vt49mvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 593860
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hj51sXyPtUU16BuizLxfRTxMBNsOcgEXaFYL4RdsCwYzzFmGIo5JxFtBBBIDw3qtNp3fzrVLA%2FtXnuI3RV4zksBj67Fji8N6PxcH21WUARVH7FQOW0%2FzO2z9s%2FMekIwHTjScBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7b9c4e7ffe8c0494-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Apr 2023 13:45:44 GMT

GET
DATA 200
OK truncated
/ Frame 6D5C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9653a9edd7ed89208dfdfbf6dc4a8d7adc2acc4a560feacdda3d30cb6879c883

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FB5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvL2r9N7tUdaHr6hzC7OJJjzlmXBpUI34-sft5Magkv...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvL2r9N7tUdaHr6hzC7OJJjzlmXBpUI34-sft5MagkvuA4u8yIRckVXbzdvac-DOu49QAl23mrnCEe9sDfXYGnC5Dy0RC8WrZnI

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Apr 2023 10:43:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvL2r9N7tUdaHr6hzC7OJJjzlmXBpUI34-sft5MagkvuA4u8yIRckVXbzdvac-DOu49QAl23mrnCEe9sDfXYGnC5Dy0RC8WrZnI
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHHlSMclLvzb_5jwivO3zbE&google_push=Aer7DvI-wIllXnaOVVOKuJ7-xznHHOJ8W2kCPC58cF8nOOLArP2B20uSUp...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHHlSMclLvzb_5jwivO3zbE&google_push=Aer7DvI-wIllXnaOVVOKuJ7-xznHHOJ8W2kCPC58cF8nOOLArP2B20uSUpwx02Eeah0vqKJoGHWBkcJZacc644JOvBZaEeUINky0WrA

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-lcy-eglc8600052-LCY
pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681814605.965324,VS0,VE77
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHHlSMclLvzb_5jwivO3zbE&google_push=Aer7DvI-wIllXnaOVVOKuJ7-xznHHOJ8W2kCPC58cF8nOOLArP2B20uSUpwx02Eeah0vqKJoGHWBkcJZacc644JOvBZaEeUINky0WrA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FB5
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOzfdvfl6t8Sshw4SV_y6tk&google_cver=1&google_push=Aer7DvL2_2TBR0pTOrklSnicVUQAYzmX6NhMBQCuTuojMFod52Do-E_oiAwbtPg-1kmBq943rhO2GHzg6P88XaHV...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4_pfHmHqRECqw98tTqcBTg2&google_push=Aer7DvL2_2TBR0pTOrklSnicVUQAYzmX6NhMBQCuTuojMFod52Do-E_oiAwbtPg-1kmBq943rhO2GHzg6P88XaHVdx4TlaaDe_9_Rg

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4_pfHmHqRECqw98tTqcBTg2&google_push=Aer7DvL2_2TBR0pTOrklSnicVUQAYzmX6NhMBQCuTuojMFod52Do-E_oiAwbtPg-1kmBq943rhO2GHzg6P88XaHVdx4TlaaDe_9_Rg

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 18 Apr 2023 10:43:24 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4_pfHmHqRECqw98tTqcBTg2&google_push=Aer7DvL2_2TBR0pTOrklSnicVUQAYzmX6NhMBQCuTuojMFod52Do-E_oiAwbtPg-1kmBq943rhO2GHzg6P88XaHVdx4TlaaDe_9_Rg
x-host: tde-deliveryengine-production-64c8469d98-5p9br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FB5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENCQa0gLVdjD9XGet-rYIHg&google_cver=1&google_push=Aer7DvILYNK5a4FQhUNggPtGtKmfBg2g689y8n4GzrFyD2NTBVS4Uwo9FcLTLzNPMAL6TAmVYWvswBeluTkb1BPHPcAl80q...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvILYNK5a4FQhUNggPtGtKmfBg2g689y8n4GzrFyD2NTBVS4Uwo9FcLTLzNPMAL6TAmVYWvswBeluTkb1BPHPcAl80qJuq_RMg&google_hm=eS1WWGlDeTZKRTJwRk5H...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvILYNK5a4FQhUNggPtGtKmfBg2g689y8n4GzrFyD2NTBVS4Uwo9FcLTLzNPMAL6TAmVYWvswBeluTkb1BPHPcAl80qJuq_RMg&google_hm=eS1WWGlDeTZKRTJwRk5HVU5LM0RzMnV6SFUyeUlyeGh2cn5B

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 18 Apr 2023 10:43:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvILYNK5a4FQhUNggPtGtKmfBg2g689y8n4GzrFyD2NTBVS4Uwo9FcLTLzNPMAL6TAmVYWvswBeluTkb1BPHPcAl80qJuq_RMg&google_hm=eS1WWGlDeTZKRTJwRk5HVU5LM0RzMnV6SFUyeUlyeGh2cn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FB5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGksZpuKduLIO7xokZCQr9o&google_cver=1&google_push=Aer7DvI5VDKMK3PHnSpkxmIuOOEoATF0H1cFnt7cwwjs1yWxkile4SgI5y_lVw-BdFlxEBkV58jxOBLy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvI5VDKMK3PHnSpkxmIuOOEoATF0H1cFnt7cwwjs1yWxkile4SgI5y_lVw-BdFlxEBkV58jxOB...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvI5VDKMK3PHnSpkxmIuOOEoATF0H1cFnt7cwwjs1yWxkile4SgI5y_lVw-BdFlxEBkV58jxOBLyvzYiyLibTptB-vgaul3qKtc

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvI5VDKMK3PHnSpkxmIuOOEoATF0H1cFnt7cwwjs1yWxkile4SgI5y_lVw-BdFlxEBkV58jxOBLyvzYiyLibTptB-vgaul3qKtc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6FB5 43 B
351 B 133ms
28ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAeRgjJPQWgS3jinXX3DgbY&google_cver=1&google_push=Aer7DvJvSdvWRTmmYWnP-zDjxused9ZN5ioJfRz0NxfcKmA3T52U3uMBCViUCn9KhX_X6t6KTh6nE1hPUuLXcHDKCChp44ko5j0EnZE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=-M&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280&nras=2&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i8hTFJMrV5&p=https%3A//all-news.co&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:24 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: hi1aqolqdhvnvqk2kr0126db3c32hobo

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FB5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKK6DpdokqTiwDrYX-O0xAXXnVG86E_G1AnCvV5BKuDwrjl0jN-pT9ZXX15tUZu1KDB7haaCo2Mce9a7sh47iGIVhssQMt-AQ

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKK6DpdokqTiwDrYX-O0xAXXnVG86E_G1AnCvV5BKuDwrjl0jN-pT9ZXX15tUZu1KDB7haaCo2Mce9a7sh47iGIVhssQMt-AQ
date: Tue, 18 Apr 2023 10:43:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6FB5 0
12 B 33ms
32ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lmf09TPGP-Zayhupxq7xVYzuQdHceW7CSX97GE7OSDtBSt59TEiL4ToUG-v7URqsddPIG-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9905 3 KB
3 KB 105ms
28ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1571
x-guploader-uploadid: ADPycdvuf-G1KID1gkOkM-g2aJQOCL2viarMyjcOegz_B5dhIE0orE4Bm68NYO2LrAFlD-l4buI6hLfkiI43xVG_fC7Lmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naNR7LU3mSsDIXZu6BymnOchfqQk4G48P1qxOkpjBXOoBLi92RcoiIwdCh8%2FV5rV8nhQJBPzOrLIdVBpDJZ8juMpSQe64sSKCR3AvS5Qr3VhnYR%2FRebPdkc6ivgsJ62CmYlvs2R60wZ845iazoQvd%2FOZ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7b9c4e80fd46d712-CDG
expires: Tue, 18 Apr 2023 11:17:13 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 0171 2 KB
1 KB 26ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1264624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7b9c4e80ff490494-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 18 Apr 2023 10:43:24 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhO9uEQnTjXQP7DmBLsdE35rkT4qOb74RIPNLAOF4wUstx8SgNuRMztv4FP8hUaVUpkAvUWJEOkB7ZUmN0uskY7%2FKVtOKUEnY%2B7goFS8j5Vy0plGkwugYYVEMJ7ezTCIWY%2BRKSs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 8815 1 KB
2 KB 37ms
37ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f0ab2aa653a9a5c555943c2ce92a269b9335fdf3b8cd568f960e1216f82117d

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfseC0o1HodUNneMynuGhYSJeII9Hk%2BQkwKhPF92T4qNCs5TEa31SVmLidmRz6e2Naw5%2BAkX6QkZW%2BRU4os8G4hdAIu7BatRdT75OyG%2BJOViEbdo8ZLXSLHbzWrMVXTlLAkaOX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7b9c4e814e05d6c6-CDG
x-backend-server: aa-reachservice-group-europe-west1-kkjz
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 119ms
36ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e810ddad6c6-CDG
content-length: 24
content-type: text/plain
date: Tue, 18 Apr 2023 10:43:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAUyn4tnQCSRBl3hmgWuXPcbmUbpa3Tb8a%2F5WoOLigtvUZmHgHBGfmT3Bub5hPUdVia%2B6ZfTA%2FopLCxp7o%2B4AOgeHgebVEqWLCU01oL8rWBN29SLxPtozsrBJAUqGAOHg7pWga0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-bcvw

POST
H3 200 rs Show response
ad4m.at/ Frame 9905 1 KB
2 KB 37ms
37ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fdf50fbd3a7b53640690ae5d248d246e60a7735577072746438c970864e250b

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNKsZMyyeJH%2Bses4T14Y3pJK8qGrb6EgBR55AVvPvfWf%2BWGGNcrzq%2FtMA3OsFdEQb%2FwKeifWxCvU%2B5XU9HSNnNTG%2Bq8E1bWywHrlI6A%2Bzkkt6%2BmhKv1Z8h24Lh%2BnmYSzOkvlQu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7b9c4e817e27d6c6-CDG
x-backend-server: aa-reachservice-group-europe-west1-kkjz
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 38ms
37ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e813e00d6c6-CDG
content-length: 24
content-type: text/plain
date: Tue, 18 Apr 2023 10:43:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow%2FcIaBRUjj71PDFNpMBFfhwW%2Bh21Vd5ukkBrxCUtr8ZQIfxa3sLK%2BCTnlX1oG0RcRn6OKrETQYrDTxF%2FGzQTXAliC5fAP9UX8lgFM7Me%2Biyj19tBrACMZJ204CTvSA0zpjhPCw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-bcvw

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame FBB5 9 KB
4 KB 36ms
36ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ef72da35a5d49f2277a6c30b667d990e73b3b6de297632da934f173598c8f5e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jkb5r8tbpnndgjxd3y90tvk701zases8b14rsa3f3py37mab7g1x7q7heyqhtc1xwg9a0z7dcg8wr2as8cbs1wm2qw47g5ps20yreh3zasr7g3kp6r82hxn4mkejxe8daftz2kt8b9wvt2f63dyrmb3b6qnc9gxsfhfnhhah56tvktks2sfvx9rkqn3dz7x748wn5s287r5sthkd7qjpx87tc9nfps8y8c0rkmbbaf9edpc5c49exse5sgpks55m9bfbve88p3py7ga8hr92hn8f1qntdqdbxhcfyj71ewn2dg2wvzcj369yqxhetb2pdhejqqa315e4vdzk4sz95r3b601750bshz0s3p26y8mrcjfzga11cn4psxmdgqxb8cpej23s7m2nvsfgt86rgg2y926ke61ynyptxq4xsbbdgh58ydy821wne2sv8kby471q7rhfq1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%26client%3Dca-pub-8439024877331049%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e818fbd0494-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:25 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2C1B 9 KB
4 KB 57ms
56ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce0175c07744b4af1bd11d51e4925bd81572be7f8febf8da4f00c2acb9462e0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k4ekyryr6gccvs4n0mwq5nennsnk7htmeve1pjdb0s7tae200tjtje7xnh27cxy1k09a1qy0v52kevyg84hq9hy54r9jb0sb4e90d6y0fhmjxnyhm09eds70hfd6zehq3d437cq179n6jm0cyppy76vmrt9t8gke195sk84pvw1jhgrse8w8tbn9kcv0tsja334238yh4dt5q03pym9jy1taf4ftctg5wm1vzgwd08m39ecn0neex8dt9ptynbcptzeetn9ban8f3yzh64zd7ppttn5b8dfyazahj3crk7nh59w4a2qmz5etqpx3868c4gdnrf72e6rmfxrf0xxftr7djwb44z33brh1kwa8f3fvhv0hdhkch0j6zrm13vw0gxytbz95y15203nkadxynx0emwpk8yk3mphrscnkbnc803rd8d948gn3918sjkwfcbn6vt49mvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%26client%3Dca-pub-8439024877331049%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e81bfeb0494-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:25 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame FBB5 94 KB
12 KB 29ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 603524
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnmD5QZX6SA5fJi3QS7YprZKOY0%2BW71fmei5vU%2F3gYAiLYLYNvGXorqOXIobI4bufHKj0RevHF07nuwxFfZEkLeGsZ%2FFpJnqESjo8VPj1fCeqJOes0PiVViY14eWRMa4EqGKPm%2FWQXU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b9c4e81cff00494-CDG
expires: Tue, 18 Apr 2023 11:43:25 GMT

GET
H2 200 56515324823B20B365599899F7CDEAEB06518780A43B3E7AB9DC3B7026550354C014E90B362FBE6746CDD7B1A883CB77E3AB8F8A4BC408ABCBB20C42D62BACFF
assets.ad4m.at/logo/ Frame FBB5 15 KB
16 KB 61ms
52ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/56515324823B20B365599899F7CDEAEB06518780A43B3E7AB9DC3B7026550354C014E90B362FBE6746CDD7B1A883CB77E3AB8F8A4BC408ABCBB20C42D62BACFF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198a13fd37b3d45a2a089dc1c04c1691eaf37c9983a08ea5ca01c44d89b01049

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 524204
cf-polished: degrade=85, origSize=25367, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15646
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 08:28:37 GMT
server: cloudflare
etag: "dfa1686790e6feac388f794e778aee4e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Z5EVM%2BiYJCoedAPDuGSNL3YTL3lQhNjLRBgx%2BKIKEW%2BPQt2szbXPUMGGnuuypGLgvmPKUyECL2W5wwdABIt7OvHm5rvlSPJ6wideh8husHOCPMQZaIpWeo8N1vCkrpFmbpSniX%2BV%2Fa8sEP8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e81deb499cc-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H2 200 D0574E0413E4E2BF9F008E0925864824C9C91D7469B0410E2F3EB73D162C6D34C8AF516C4C6C55022713841D90D6D03D077D31DADDD18ED4358557306F688430
assets.ad4m.at/product_image/ Frame FBB5 44 KB
44 KB 60ms
52ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D0574E0413E4E2BF9F008E0925864824C9C91D7469B0410E2F3EB73D162C6D34C8AF516C4C6C55022713841D90D6D03D077D31DADDD18ED4358557306F688430
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8900dfcb3fb3061252db53c35479af4ed2ac43949275adbdace2737b361674b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 806169
cf-polished: degrade=85, origSize=87656, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44946
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 08:38:48 GMT
server: cloudflare
etag: "1fa3c4594e12e50f0f5fe57e7d45863b"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N57CtKbqNNzTXcrs5ZQxSV8nYN%2FiqFK1BJWyWX5PVZpfiHSfbm79BEWk%2BFjmfwk%2FuLs9duTRaYE%2FH6fSuYWp8TzuWIqIi%2BMU9guHTo4NtrnI5MJRE%2F6NniccaPtyvbIiS4r8NPs%2BafANbuKF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e81deb899cc-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame FBB5 43 B
2 KB 138ms
94ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.metaffiliation.com/trk.php?taff=P510DF956C8631D43&argsite=oneidXgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84oneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.020284175872803
Connection: keep-alive
X-TRK-PROC: 69113
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 1
Server: nginx
Last-Modified: Tue, 18 Apr 2023 10:43:25 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 8E6112E24CA72CECF391231BFB8CBE06C5595D2145E07986C0615093B1948C8152DB90DEF32D37BB457C10E953AC1F45588FDDD710A0C889448C05BBE2B71014
assets.ad4m.at/logo/ Frame FBB5 9 KB
9 KB 36ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/8E6112E24CA72CECF391231BFB8CBE06C5595D2145E07986C0615093B1948C8152DB90DEF32D37BB457C10E953AC1F45588FDDD710A0C889448C05BBE2B71014
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3e9f8d954bbc4ccaaaba37ec087200fc27613396bef7935fa0057a5b125d8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 806169
cf-polished: qual=85, origFmt=jpeg, origSize=25686
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9246
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Feb 2023 14:39:55 GMT
server: cloudflare
etag: "fbfe879b30f0a3016143c62a03cc7950"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQ49Jf%2FfqOSnTgX4%2B2YyHOLEeanFvjrT%2BIDfaPWH0p6UjkizJp8TrFJ4Xoc9IVus4vMEgvnFCE20lX2L30XZ5URgIoTbTqS8B%2BzVe3HUiMH6J4umFiF4Uz%2FTTSjj2d6jnRuTkX%2F%2FesoywSg0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e81deb399cc-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H2 200 C0623A880E9DE99DCED5DFEA7C126B0D438A62D5526E0A539A5E06A470223213EEA75F6815823799B21D97E82BEEFD9E9ECDD76A1A443D1E9AB398D084283187
assets.ad4m.at/product_image/ Frame FBB5 20 KB
21 KB 55ms
47ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C0623A880E9DE99DCED5DFEA7C126B0D438A62D5526E0A539A5E06A470223213EEA75F6815823799B21D97E82BEEFD9E9ECDD76A1A443D1E9AB398D084283187
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d70ce3634a802c55840a92bd6521cc811972195b5374f45b2e3a4f4efc138e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126768
cf-polished: qual=85, origFmt=jpeg, origSize=52383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20812
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Feb 2023 14:42:27 GMT
server: cloudflare
etag: "464e2b4d29297d5a40e7eb7599c424eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9MZcqdFSQSrs5ui2qG2WgAZUGMSqjGOKG2a4nyL1sTuTQDYh52dGphUqqooiSeTLU2ZdNLKnfzCudlbrr9Zz4s2ie0nFpgGrgYk8mE63SHcj5rNn80QsJhopls5uDQQg7GQw%2FweReRgiMZ5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e81deba99cc-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame FBB5 43 B
2 KB 143ms
98ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.metaffiliation.com/trk.php?taff=P51100556C8631B19&argsite=oneidRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQxoneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.028043985366821
Connection: keep-alive
X-TRK-PROC: 69637
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 3
Server: nginx
Last-Modified: Tue, 18 Apr 2023 10:43:25 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame FBB5 19 KB
20 KB 37ms
30ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 833d480021e0c7dabb6b1a839eaa3e70843803e3a7f8bdd2eeba8007cb130bba

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1015517
cf-polished: degrade=85, origSize=19949, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19602
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUsZ2qYx4Yvwpr9f4OfxW%2FxerRhZ%2BZRtW%2Fks8wCDXuP%2BiyGydcauJGAwswQlP8vxg%2B2VZPKAfcpRHzDXrj8DY1bZqGDNhdSvtkQ7WEJDQR7CreDTYMXrvDspveOMSKFY4GAr5w%2FLUOYvOVtD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e81deb199cc-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame FBB5 274 KB
275 KB 40ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262e71e77a987421124a8888dc71cafe291b7501a89bee9cc18f109ea628ed5b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477977
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280768
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LkNnH%2FwNEbZBGfYpe5VVfDzenExx8hgEn2O%2FkgiqY7uQ9%2F%2FX0wWxvA2S54JI9fDDP2QTGm7CMfEN%2FOYaHksiJ86lFhGSpNquD0Htcpb2sXTGWuPGeRaiPpsUSAEvcdMq4Ih5C3VqC64KobI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e81deaf99cc-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame FBB5
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmdoneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

107ms
19ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: gzip
age: 3414
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135736
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUFR16276
etag: "5e15e184-21403"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes

Redirect headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.028571128845215
Connection: keep-alive
X-TRK-PROC: 58179
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 5
Server: nginx
Last-Modified: Tue, 18 Apr 2023 10:43:25 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 2C1B 94 KB
12 KB 183ms
183ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 603524
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8VJ1zOkCUIwnRYUjvFQeTVzN%2FnJsObj5HRHXfaYkMOs%2B137IPgxVHKCazD9f0kDPNJu5IqsYaD6ihlr%2B0c7gS6pc7RO6OYIADZJjE%2FqLW073pCjtHL13FMnL3DfPqdOFWvmPqdKGBM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b9c4e8218350494-CDG
expires: Tue, 18 Apr 2023 11:43:25 GMT

GET
H3 200 D5F7C1426A6A5947F76296F8D1C89E7B86A026E5DD02654F98E18798ACED4B38C3B6A1997F41B0A544938F025AF2094BDA77ADF2BB94DB0F90B93EBB8E3430CE
assets.ad4m.at/logo/ Frame 2C1B 11 KB
12 KB 28ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D5F7C1426A6A5947F76296F8D1C89E7B86A026E5DD02654F98E18798ACED4B38C3B6A1997F41B0A544938F025AF2094BDA77ADF2BB94DB0F90B93EBB8E3430CE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5041bcdc7d3c868b268381ef8e00deb76484498202acf18bf4ed2487dd1a92d5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1184948
cf-polished: qual=85, origFmt=jpeg, origSize=28565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11434
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Mar 2023 15:32:56 GMT
server: cloudflare
etag: "d8953b4523ebde60f3ebb76e446b78c0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYIboyKKBusGLQW1NzNBIaeLeqTQJJK5mac4ssDn2H6mEHPyjGnEgHjDgBaALhSQbRmMD3LlL6abKoRxMyOhEvhLBJ6m4YiJnpjAmQRcGgBUOSeM6zYai5mCEXUKhIGAihE1OYbSYeFYeqJ1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e8218360494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H3 200 DE1A88044C6406DA19D2846CFAB8D15E1143FEF6DCBF4F1C4FABA6F4EDC07739B753D991A7BC307F090A188AEDFF08A036DDA68FD34B6C5EF56E163DA9710045
assets.ad4m.at/ Frame 2C1B 34 KB
34 KB 82ms
81ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/DE1A88044C6406DA19D2846CFAB8D15E1143FEF6DCBF4F1C4FABA6F4EDC07739B753D991A7BC307F090A188AEDFF08A036DDA68FD34B6C5EF56E163DA9710045
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74eb51d454b85392a8a2025cc8736cb7fb8ae8ef4879d64c77bd5f27599faea4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 404246
cf-polished: qual=85, origFmt=jpeg, origSize=69124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34392
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Apr 2023 14:30:59 GMT
server: cloudflare
etag: "ee8688a9830ec38e73bf4ef626d52620"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPkRhTYFrqf698MyQS5UDZFnc05Tp%2BwRipsh90XUx4T%2Bu7Fpg5kFKChwyhN73gspe3vXmYM%2Bjj5bdEbrdmLQlvhnb%2FO3NeP%2FedlmW2MUg%2FIdUZ2Eb2TgswQoukNunNfyZLzP%2BykIaDKPjIz%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e82283c0494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H2

200

cr_75901dcf-8fe0-4a0a-876b-62e364580bb1
res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1681205333/prod_creatives/net_253/adv_93713/ Frame 2C1B
Redirect Chain

https://latner.rentalmotorbike.com/ts/i5047752/tsv?amc=adnetworks.blbn.456157.513300.CRTDu-TPrWG&pv=1&pref3=oneidmQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMKoneid__suite_Netmix_Reach142_France_MoreVolum...
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1681205333/prod_creatives/net_253/adv_93713/cr_75901dcf-8fe0-4a0a-876b-62e364580bb1

24 KB
25 KB

102ms
37ms

Image
image/webp

2606:4700::6813:a741
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1681205333/prod_creatives/net_253/adv_93713/cr_75901dcf-8fe0-4a0a-876b-62e364580bb1

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6813:a741 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcfb8c842c67774da81bd08ee258e11c39be98b60838c760ec6aa93438d1a171

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="cr_75901dcf-8fe0-4a0a-876b-62e364580bb1.webp"
server-timing: cld-cloudflare;dur=11;start=2023-04-18T10:43:25.353Z;desc=hit,rtt;dur=17
content-length: 24846
last-modified: Tue, 11 Apr 2023 09:31:48 GMT
server: cloudflare
etag: "9caa349c0e0a7111823555f6650605ac"
vary: Accept,User-Agent,DPR,Sec-CH-DPR,Width,Sec-CH-Width, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
cf-ray: 7b9c4e836ed30275-CDG
timing-allow-origin: *

Redirect headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
last-modified: Tue, 18 Apr 2023 10:43:25 GMT
location: https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1681205333/prod_creatives/net_253/adv_93713/cr_75901dcf-8fe0-4a0a-876b-62e364580bb1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 1DAAAE2568951C06FB7158EAAD1019B74F83EF8D31820C64F1BA3CA991B3A16138205A5035468B4D4355E4EA0A1BBBC704F51895711B7477AC9C4CE0D4C1B40B
assets.ad4m.at/logo/ Frame 2C1B 10 KB
10 KB 41ms
40ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/1DAAAE2568951C06FB7158EAAD1019B74F83EF8D31820C64F1BA3CA991B3A16138205A5035468B4D4355E4EA0A1BBBC704F51895711B7477AC9C4CE0D4C1B40B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2fe930e82faaf6889e91c7e43552a136bf54a779abd70f2a2680192e825c3e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 916313
cf-polished: degrade=85, origSize=16651, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10019
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 09:46:04 GMT
server: cloudflare
etag: "552003bd6d7965e9a8fc8b2699c69ca2"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm%2B6r70LmEMu%2BsdtX%2B%2B3Ob3R9HcoOmKjz0kUr7qqlhKkW2wmI9aL3geTcKaV%2BlqOsRNqY%2BaX7aR4CA4Ipjqcc%2FnOMzj5maRGukL9yJGyVFXjCrCWFMFDNL7TF86to9zYPk%2F1mVVG3VeXEzTD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e82283e0494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H3 200 564343C9E6F80D427F2338A851F222F82EFC507190CC7F6801EDC7BD3DC9948F4AB86D3BE6BD2A1F97B83765D3E974C1795BCC42A384573E751E896DE9342537
assets.ad4m.at/product_image/ Frame 2C1B 36 KB
37 KB 176ms
175ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/564343C9E6F80D427F2338A851F222F82EFC507190CC7F6801EDC7BD3DC9948F4AB86D3BE6BD2A1F97B83765D3E974C1795BCC42A384573E751E896DE9342537
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b5d151a553af830624fb750b99c4b55c10c6175766c29fcdcec7c245b1f0f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029192
cf-polished: degrade=85, origSize=59624, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37270
cf-bgj: imgq:85,h2pri
last-modified: Tue, 06 Dec 2022 09:19:57 GMT
server: cloudflare
etag: "916f64f463543564e0074e2cc917a8f5"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndHoCZtWk2GnfBUlFZP4msa7bpnAg5f1Jb7Xp5oC%2BTPW4HEjC1GBForv0oNuFnrXkIMRgSs%2B5weHFYZ0a8FtYS%2FOhqYCS3r3XWjQ2XRs%2FRAPVorQFvYSVcG%2BFDdk55CWD3nCdWyCTP24yEwy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e82283f0494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2C1B 43 B
704 B 135ms
62ms Image
image/gif 23.210.125.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3078744&v=13463&q=338696&r=412871&pv=1&pref3=oneidbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9oneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-125-176.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Apr 2023 10:43:25 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
assets.ad4m.at/logo/ Frame 2C1B 71 KB
72 KB 127ms
126ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd95205e9a1d26bcf8b72e41f6b19d85ac00830efebcae99a05e343a0c5b8311

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 826908
cf-polished: origSize=104051, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73088
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Apr 2020 09:54:02 GMT
server: cloudflare
etag: "7a4502b01881c490069ab2174de5eabb"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf1U6z3vlIi6PfLogsyIKwjsRa%2FopBCTrCN3rDi9u%2BOxPLhHgv%2Bv9jJGKenKOwafYaDXvnb%2F2RrcjNlymr5mXgOtOSEEr36RzpN9evG3lEmm1YhaW7OpdTInMOAnLnp3IyigeuheXFqDOn1v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e8228400494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H3 200 C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
assets.ad4m.at/product_image/ Frame 2C1B 43 KB
44 KB 41ms
40ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2312548
cf-polished: qual=85, origFmt=jpeg, origSize=102472
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44412
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 09:48:28 GMT
server: cloudflare
etag: "d308a34122a97b371964832dabfe9056"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THDT7S793wbROP7pg8WKyMl9Oqlc95fcctwdTGyKZ7lJIcIBj8ssDK8f2qoS25btAJQZLoTMizhLuAxUNvc0fpoZIM879e1hFtvW599IwqHf67%2FHGxluyfkfoyIz9%2BnIxoEcpWsO6tvBW3SI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e8228410494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H/1.1 200
OK /
vcb.happ-e.fr/ Frame 2C1B 43 B
2 KB 383ms
86ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vcb.happ-e.fr/?t=P4B11756C8631B27&argsite=oneid8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2oneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.025490999221802
Connection: keep-alive
X-TRK-PROC: 45335
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 2
Server: nginx
Last-Modified: Tue, 18 Apr 2023 10:43:25 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5C08 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZSZAS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLIBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O003C0PUurDIpNvFIE5koLk1FK9l5acnKSP4ddkbHZmkKPSLkUgsHYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=4thz21c-GwY&uach_m=[UACH]&cid=CAQSOwBygQiDdv7cwpRpujGxwIgd5_V2uVkCETBqUJFmWZDTzf4GeCt9xfuT5wGA6Qlflaq5oUE74Pkec7DpGAE

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3214185842&pi=t.aa~a.3633464688~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=4&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yKBgPIBr15&p=https%3A//all-news.co&dtd=49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 10:43:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 5C08 0
0 25ms
25ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k8m4xkx2xnpnxxbs08zjwg3wbqz7846ygbevafpc1fpaby9c0xzm9hpjfkr65h2dwrm6fcf3crm3zw0x7ny7yhpewfvybb51k6q2481y7qcsfe7scz3q5knxpts1h75y30gzp6h9dzkyw60q0egyd9748atvhytt4t8j0d7jazk1n4yhag4pe7vnw4hp1zg1t6k4jvcq2sx6fqnz5kqfn2wp49smzh27gpfa0v654m68w690122qm28s94enx7d48gvc6bt703yksfa2wqabznndn9j59cpcr98peh70d2tfnyk8pha9v0zz55m79esnpce7y72cr2078h1n54sc0cskkrbfh3hmxrg9ymw1daqdz8sfxw9zfznrp7ynkrc013w57xd9tpb819a&b=ZD50SwALpjkKoRQEAA66zTPDst9ANkLi6Icjqw
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Apr 2023 10:43:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 2A33 2 KB
2 KB 138ms
138ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gse7ky4y33q8ee0m7kn0s4p7j4ewjzbngn1j66xa7xrtqsj8banzt057k74n3asxw88jdspnsgz2y3kz9dj72syg2kha7vx9amyasc8ve7mxnh88rbgevax44e62ngd88vawwc7jz5w9rytey5axp07tv0xepvy4p9rty08ep1dh4d0cx4b2xr537v22hxhgpmtgkmd6egdy5xhpgq4c1hk6f9kx2e5jz8npcn534ea86na0n6dtfyc832cdrejjt1v3cradzekekne2ghkhatzx46zg518w51n3jn8dmbcm1y2a7x7mmfyeyanbbqser8r8qcy0nbqm9b3a6eyezrcp7qss2qq4tnazyfat12qyvjdn21ak4z3kjak7vnrqsev6nz05a787zc74b4dphg4fahwh98gy6gh0nnf1tzwya2kksmspkr988z49g2509xx27vbw26g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%26client%3Dca-pub-8439024877331049%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3214185842&pi=t.aa~a.3633464688~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=4&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yKBgPIBr15&p=https%3A//all-news.co&dtd=49

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330bbc3629c7a405969b90a89a405e73c8b9ee031112b31c6b27390fb2394216

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e8339770494-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:25 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5C08 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 383A 1 KB
643 B 26ms
25ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:08:36 GMT
etag: 48472445140208031
expires: Wed, 19 Apr 2023 10:08:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5C08 20 KB
8 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5C08 0
0 36ms
34ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRgPBFiwbuslF32B2flzYSTp2odNB9FcBCAcN4v4-JtINRb4kKvjcqZ0CCOk1HReC5s9SkV7g4Pcc_IRwpzc34qH-f4A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3214185842&pi=t.aa~a.3633464688~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=4&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yKBgPIBr15&p=https%3A//all-news.co&dtd=49
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C08 159 KB
49 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:25 GMT

GET
DATA 200
OK truncated
/ Frame 5C08 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa655ef31fd302281f62504e0c9ddc83ca79b261a57e546f91ae8889e2ef8e89

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 383A 0
104 B 329ms
38ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGVm_OCGxRSKtH95cjZc7D8&google_cver=1&google_push=Aer7DvIWPgWDbrZisTLu0OUH4bXJtqlQTDgxyIou8HC2XgB8o8b0FnPZuwnuZYIQ09ehoZryQHucvosobb8RvHthnon96orUzHzJVis
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3214185842&pi=t.aa~a.3633464688~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=4&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yKBgPIBr15&p=https%3A//all-news.co&dtd=49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 383A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvKK2PKkGeSvYAg19v96rTwryEKI98_nKqwvlU2mHD7...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvKK2PKkGeSvYAg19v96rTwryEKI98_nKqwvlU2mHD7-OcDJANvfcbvFp3MKID0ad0lspz5gsvk81ZzBWJm1vg5hMNXA5g9qGPI

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Apr 2023 10:43:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvKK2PKkGeSvYAg19v96rTwryEKI98_nKqwvlU2mHD7-OcDJANvfcbvFp3MKID0ad0lspz5gsvk81ZzBWJm1vg5hMNXA5g9qGPI
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 383A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEQxMZaIbCF1z3CnRvlOAOY&google_cver=1&google_push=Aer7DvKXqfj4G6cLROMQN_kkDduK3Cc9qNOrrXEFEKcV2W7XLyFxwZkUKVQywGGXyBb4hyAXC4jux6dNz91ec5ux...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKXqfj4G6cLROMQN_kkDduK3Cc9qNOrrXEFEKcV2W7XLyFxwZkUKVQywGGXyBb4hyAXC4jux6dNz91ec5uxu-TO0EDR4rEC3S0

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKXqfj4G6cLROMQN_kkDduK3Cc9qNOrrXEFEKcV2W7XLyFxwZkUKVQywGGXyBb4hyAXC4jux6dNz91ec5uxu-TO0EDR4rEC3S0

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Server: MT3 796 58fb543 master cdg-pixel-x10 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKXqfj4G6cLROMQN_kkDduK3Cc9qNOrrXEFEKcV2W7XLyFxwZkUKVQywGGXyBb4hyAXC4jux6dNz91ec5uxu-TO0EDR4rEC3S0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 18 Apr 2023 10:43:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 383A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGksZpuKduLIO7xokZCQr9o&google_cver=1&google_push=Aer7DvJUHwAv2ujjotlwje32utzWwGCPUX0YmFAoVglh8eEQCg24nqrxMZuw0efVzZHDYp1AeK4UB4bx...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvJUHwAv2ujjotlwje32utzWwGCPUX0YmFAoVglh8eEQCg24nqrxMZuw0efVzZHDYp1AeK4UB4...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvJUHwAv2ujjotlwje32utzWwGCPUX0YmFAoVglh8eEQCg24nqrxMZuw0efVzZHDYp1AeK4UB4bxlhqNr2dZOwtLhDLOfCsifiY

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY2MzAzMDAyNTE2NjgxMDE0MA&google_push=Aer7DvJUHwAv2ujjotlwje32utzWwGCPUX0YmFAoVglh8eEQCg24nqrxMZuw0efVzZHDYp1AeK4UB4bxlhqNr2dZOwtLhDLOfCsifiY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 383A 43 B
135 B 26ms
24ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAeRgjJPQWgS3jinXX3DgbY&google_cver=1&google_push=Aer7DvLKmoj7IxLVbHXjvfWArvDPPLw_FCuWfx5W6eRjMU2vAT69BAyFSe63wixVNDlsVrQzv9w87ZUt3f796XhQOv9vLxleTwqpB20
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3214185842&pi=t.aa~a.3633464688~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1681814603&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814603632&bpp=1&bdt=2034&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=4&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=yKBgPIBr15&p=https%3A//all-news.co&dtd=49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ie0qtm3cv7srl7vh72r132pgt6ijk1vm

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 383A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK26lhnNO3lGhmw54AoVEHz8r0yh6U2admsiV2RXCktNa3lj33A-FvrlWJpqNH4JFfwnfMCZU3JQ_igBBpp7StArMWGw8u7jP4

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvK26lhnNO3lGhmw54AoVEHz8r0yh6U2admsiV2RXCktNa3lj33A-FvrlWJpqNH4JFfwnfMCZU3JQ_igBBpp7StArMWGw8u7jP4
date: Tue, 18 Apr 2023 10:43:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 383A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEdwNh1ia0WUl7EaJ26GTlA&google_cver=1&google_push=Aer7DvJ6sV8cUHMIDQ93McA7gzLubPI-w3psYXxsw9twqAaSam0o_-TwbsZw-FSZBnikNeXjpTP...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdNNFpRVTItQS0yUDE0&google_push=Aer7DvJ6sV8cUHMIDQ93McA7gzLubPI-w3psYXxsw9twqAaSam0o_-TwbsZw-FSZBnikNeXjpTP1-hLU6RRKhV-eK1U5xtW00clGiNQ

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdNNFpRVTItQS0yUDE0&google_push=Aer7DvJ6sV8cUHMIDQ93McA7gzLubPI-w3psYXxsw9twqAaSam0o_-TwbsZw-FSZBnikNeXjpTP1-hLU6RRKhV-eK1U5xtW00clGiNQ

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdNNFpRVTItQS0yUDE0&google_push=Aer7DvJ6sV8cUHMIDQ93McA7gzLubPI-w3psYXxsw9twqAaSam0o_-TwbsZw-FSZBnikNeXjpTP1-hLU6RRKhV-eK1U5xtW00clGiNQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 383A 0
12 B 33ms
32ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ImTQDmi2FQlnKtJtp6yIrA-rbszOjD5cyweWSdHE_RNT3ObK96031dfU82GHlGxZJ7uRK0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 2A33 94 KB
12 KB 30ms
30ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gse7ky4y33q8ee0m7kn0s4p7j4ewjzbngn1j66xa7xrtqsj8banzt057k74n3asxw88jdspnsgz2y3kz9dj72syg2kha7vx9amyasc8ve7mxnh88rbgevax44e62ngd88vawwc7jz5w9rytey5axp07tv0xepvy4p9rty08ep1dh4d0cx4b2xr537v22hxhgpmtgkmd6egdy5xhpgq4c1hk6f9kx2e5jz8npcn534ea86na0n6dtfyc832cdrejjt1v3cradzekekne2ghkhatzx46zg518w51n3jn8dmbcm1y2a7x7mmfyeyanbbqser8r8qcy0nbqm9b3a6eyezrcp7qss2qq4tnazyfat12qyvjdn21ak4z3kjak7vnrqsev6nz05a787zc74b4dphg4fahwh98gy6gh0nnf1tzwya2kksmspkr988z49g2509xx27vbw26g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gse7ky4y33q8ee0m7kn0s4p7j4ewjzbngn1j66xa7xrtqsj8banzt057k74n3asxw88jdspnsgz2y3kz9dj72syg2kha7vx9amyasc8ve7mxnh88rbgevax44e62ngd88vawwc7jz5w9rytey5axp07tv0xepvy4p9rty08ep1dh4d0cx4b2xr537v22hxhgpmtgkmd6egdy5xhpgq4c1hk6f9kx2e5jz8npcn534ea86na0n6dtfyc832cdrejjt1v3cradzekekne2ghkhatzx46zg518w51n3jn8dmbcm1y2a7x7mmfyeyanbbqser8r8qcy0nbqm9b3a6eyezrcp7qss2qq4tnazyfat12qyvjdn21ak4z3kjak7vnrqsev6nz05a787zc74b4dphg4fahwh98gy6gh0nnf1tzwya2kksmspkr988z49g2509xx27vbw26g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 603524
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1S%2FPMCVgKRyWVH1DtIVALHE8gEuh8f4edT6AYYHWWpeMAQfLiHVsFbezIiOZSJQJgWCKxjE8q4ym2SAYARjLHs7Vw9RSRAwWqzjaUrneQOAs%2Bl3H%2Bu6IVvOouY%2FvSk15pu%2B40llloM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b9c4e842a370494-CDG
expires: Tue, 18 Apr 2023 11:43:25 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 2A33 25 KB
10 KB 44ms
43ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gse7ky4y33q8ee0m7kn0s4p7j4ewjzbngn1j66xa7xrtqsj8banzt057k74n3asxw88jdspnsgz2y3kz9dj72syg2kha7vx9amyasc8ve7mxnh88rbgevax44e62ngd88vawwc7jz5w9rytey5axp07tv0xepvy4p9rty08ep1dh4d0cx4b2xr537v22hxhgpmtgkmd6egdy5xhpgq4c1hk6f9kx2e5jz8npcn534ea86na0n6dtfyc832cdrejjt1v3cradzekekne2ghkhatzx46zg518w51n3jn8dmbcm1y2a7x7mmfyeyanbbqser8r8qcy0nbqm9b3a6eyezrcp7qss2qq4tnazyfat12qyvjdn21ak4z3kjak7vnrqsev6nz05a787zc74b4dphg4fahwh98gy6gh0nnf1tzwya2kksmspkr988z49g2509xx27vbw26g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 593861
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opODi%2FPTOEJOGELgFBffKMP1lI0j24cf2l2%2FFXlmvFFaD07B6Vmcql8drr%2F3IvWjDZkKfuKT5dM1yK8215oYXIF%2BqJMIYqamK5zx%2B%2Foz9GKBtohDqgEKEhrj1crrzODpoRHpvt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7b9c4e842a3a0494-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Apr 2023 13:45:44 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EEA1 42 B
174 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpc7QcCGTcE-P90Yt_GQLlB8_PqJWiGH4IqbU5nsHOicIV_WHVOJ6_-k3g97ietbu1ci6P2HtGUfJv-5S3SRRjsvyYT5zutkL9stJFN7xUtePBiSjoVegijhtgH5EgY43pOMvB3A&sai=AMfl-YTAJA_1MBb-XDYn0kHa-Y25TsNWnWoYqLluy4Kq2Ba_2nownLxLn00ag0JJiFJQpcEbk9c377e1UNgH&sig=Cg0ArKJSzPPn5X_9X7KQEAE&cid=CAQSGwBygQiDWIqDsEBbJKVjQQexEcWByai-ErCBghgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681814603737&rpt=498&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A04 42 B
108 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvjBU1w-Yy0537PotsYh65GYbuDsCl-DdnLSn8sln7DQJgz2owAet9rlsfvBtdkq2NZyKroHKkaTPqoIOedd2c7NpH1wEwbklwRT7GAgAYDJdTAwLjFQ88yd2mxB6tIJwfzI61mg&sai=AMfl-YRDbuZStawq_dL0JOkMSUhXtShikJ61KTzJiAM9xo6_Lr26pSYJglGKpzomoivpU4P4tBpSD1392-_z&sig=Cg0ArKJSzD9eblqLJsArEAE&cid=CAQSGwBygQiDWIqDsEBbJKVjQQexEcWByai-ErCBghgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681814603740&rpt=623&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A08 42 B
108 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbWFfQ1qQiYgS-tYOimnsy72KJ1o2lfYM4IvUr_jxF8938bh1SyhGEKUOPyGg4aFvXBp3xa8WhC9fIPNKc2KWqarzE0GBmfzXPmr1_K5PqaJEAlSGKSErAsntU_8fn5Zy2hHhXGg&sai=AMfl-YTlUXud2W9C7WGNjHGoeAP2kMY_KiHzfaqoxkabctzs-eH-EMlIX-HF8KPTG2FnSlHjvpHjFy2tJ5wA&sig=Cg0ArKJSzFBRtBTfT2y6EAE&cid=CAQSGwBygQiDWIqDsEBbJKVjQQexEcWByai-ErCBghgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=446,1000,1000,1000,1000&tos=446,554,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681814603742&rpt=743&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2A33 3 KB
4 KB 28ms
28ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1572
x-guploader-uploadid: ADPycdvuf-G1KID1gkOkM-g2aJQOCL2viarMyjcOegz_B5dhIE0orE4Bm68NYO2LrAFlD-l4buI6hLfkiI43xVG_fC7Lmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CruATa8XSeQpfdc2aIUd12%2FZOpNITQcfv7db%2F6niDxvLJC0W98BkAwlnthYUbS95gz2eZsanbEOD6xIVyhXNSdnb%2FDGGuQi2HYxMkL7cX8%2B80hiI2p%2FLwEiiVweXmYjs2U9Rk3NpB0x2Q4ezKi4jN82%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7b9c4e847836d712-CDG
expires: Tue, 18 Apr 2023 11:17:13 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 359B 2 KB
1 KB 26ms
26ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1264625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7b9c4e847a730494-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 18 Apr 2023 10:43:25 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VXcstPdDHXkd2GKxUL32%2Fbx6Bs2XxQNOxDykUyFYYbOkNg2uUMcl2%2B%2F7PNgyacD2KqhLtCvl%2B8JvJ7%2FtHSAT5v3FwPaEY34zvCcHon94MjiibLQQIYRGnCLWbqiWL5RaTyKgDI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 74ms
73ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1465172ee245b3f97544f5cf018dea9f4182dd330844a03679f1afa8c91e8aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11243
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
33ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2095 89 KB
33 KB 1292ms
1291ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1681814605&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814605542&bpp=1&bdt=3944&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250%2C324x250%2C1600x1200%2C160x600%2C200x600%2C1005x124&nras=8&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x%2CAHQMDFeZldKphl3627wRErJu9ONhUEkUCcBwwiZcbZ6e6SdbcvJ2R4SLYVDoPNYRP6ZeWdYhQDQ5NlGkI30FwgATn7YBhYb5HB3ksRcvDDfoRJikemMnFg%2CAHQMDFe8HwhG5eYGPYAY1naLoxIL4hsn3kqXpJIhqUmXyWGuryKwD3GBtRHqqb5SnfC10bBmaU2ZyQ9OThwwSB_nwnj2BPrSm1Dke12sJ4F6V7HFBpk%2CAHQMDFfe8Mty3UjUvjSSPJbS8-PgrAh59UhIBKFd4wLXlwLGlZZrtz39crHJRNWDcIo9ABOjWxRpBLSe2Y8NEC_TS_3n48LNcutg6EYuipIbQjUg-yHAJg&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=8&fsb=1&xpc=QuuF9C31UA&p=https%3A//all-news.co&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c10a61f90c6fea05c4778ec6a311d002f808c31cd4915d0a7f86dccdf38b5252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33854
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 3288-murray-has-24-in-win-after-early-adrenaline-settles.jpg
all-news.co/wp-content/uploads/2023/04/ 55 KB
55 KB 39ms
38ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3288-murray-has-24-in-win-after-early-adrenaline-settles.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: a02fa41b2e947801de119035024ce9709dc6b429e0c71536b0adde2da8f22fa8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 03:43:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "da1d-5f9941be41a8a"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 55837

POST
H3 200 rs Show response
ad4m.at/ Frame 2A33 1 KB
2 KB 38ms
37ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 290c6afdd56d327deaf7c515969bd137b4d3fabcf2476e585eaa49c21a5e1ead

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJNNEEZCUGGtZOpVZIEkGAE6eMvzzcJ3gG5sI%2FmNZtAVPHzBs68LzP91r9AIdizDXmOAUtrTCYG0sANQZ62JlYV75FGBc6ltKk6GQSVeEvyuhK769dFP%2Bo5zHLfeHoVVVKOWjhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7b9c4e855900d6c6-CDG
x-backend-server: aa-reachservice-group-europe-west1-bcvw
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
33ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e8528ddd6c6-CDG
content-length: 24
content-type: text/plain
date: Tue, 18 Apr 2023 10:43:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAtS38RfFhr4Dzujh%2BcEC1vLV%2F%2Fuh5yCvdlPfpQ30lu2sIK%2BuwVK8SB9lkzY2mmWRqVXVQQn8875NBodwSdock2A5pE4xWg%2FftKUbRGPMVpiUPK%2BiAnva9kT4NZObovLZvRMKh0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-bcvw

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Apr 2023 10:43:25 GMT

GET
H/1.1 200
OK 3286-the-good-bad-and-upside-of-five-mlb-teams-struggling-the-most.jpg
all-news.co/wp-content/uploads/2023/04/ 4 KB
5 KB 34ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3286-the-good-bad-and-upside-of-five-mlb-teams-struggling-the-most.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c12cbb5ef078cd1e4ba73442d3d92ee46066fefbe9c69fa13d766a6d29d5bae8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 03:43:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "11cd-5f9941bce15e5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4557

GET
H/1.1 200
OK 3280-klopp-says-one-liverpool-facet-best-for-decades-speaks-out-on-top-four-chase.jpg
all-news.co/wp-content/uploads/2023/04/ 178 KB
178 KB 35ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3280-klopp-says-one-liverpool-facet-best-for-decades-speaks-out-on-top-four-chase.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b2628b197090cf140287d3cf378d38c9f3246e873be30aefad546068b34bec85

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 02:43:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2c898-5f99345b82e35"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 182424

GET
H/1.1 200
OK 3282-liverpool-dont-need-bellingham-they-need-more-gakpos-and-jotas.jpg
all-news.co/wp-content/uploads/2023/04/ 199 KB
200 KB 35ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3282-liverpool-dont-need-bellingham-they-need-more-gakpos-and-jotas.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 3e8aba35e311921c7c0f18dc4aac59bd6f04fc39498ab97de2ace42bd56d86e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 02:43:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "31d6f-5f99345c4920b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 204143

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87A5 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 7530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 08:37:55 GMT
expires: Wed, 17 Apr 2024 08:37:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1659 783 B
534 B 37ms
37ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30ef6c6b72d6b7d411de69a0f68d352af11dce0de9b6a2a13704cdafd448b99d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I1_Drx21dLHay4qI87c_qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-I1_Drx21dLHay4qI87c_qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:25 GMT
expires: Tue, 18 Apr 2023 10:43:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BEBB 9 KB
4 KB 35ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a89f8c68a895c381e3458ba07a2f3c67281946a804d7ece174f5428ff13ef71

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gse7ky4y33q8ee0m7kn0s4p7j4ewjzbngn1j66xa7xrtqsj8banzt057k74n3asxw88jdspnsgz2y3kz9dj72syg2kha7vx9amyasc8ve7mxnh88rbgevax44e62ngd88vawwc7jz5w9rytey5axp07tv0xepvy4p9rty08ep1dh4d0cx4b2xr537v22hxhgpmtgkmd6egdy5xhpgq4c1hk6f9kx2e5jz8npcn534ea86na0n6dtfyc832cdrejjt1v3cradzekekne2ghkhatzx46zg518w51n3jn8dmbcm1y2a7x7mmfyeyanbbqser8r8qcy0nbqm9b3a6eyezrcp7qss2qq4tnazyfat12qyvjdn21ak4z3kjak7vnrqsev6nz05a787zc74b4dphg4fahwh98gy6gh0nnf1tzwya2kksmspkr988z49g2509xx27vbw26g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%26client%3Dca-pub-8439024877331049%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b9c4e85aba70494-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:43:25 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 3286-the-good-bad-and-upside-of-five-mlb-teams-struggling-the-most.jpg
all-news.co/wp-content/uploads/2023/04/ 4 KB
5 KB 34ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3286-the-good-bad-and-upside-of-five-mlb-teams-struggling-the-most.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c12cbb5ef078cd1e4ba73442d3d92ee46066fefbe9c69fa13d766a6d29d5bae8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 03:43:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "11cd-5f9941bce15e5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4557

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 87A5 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 11:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 11:14:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1659 0
0 59ms
58ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230413&jk=3008958241035527&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame BEBB 94 KB
12 KB 189ms
189ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 603524
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnH5u%2Bplxc0c8wtEYXzXkcW0uF%2FUK1quWj69mRPGgPDr2U8Tg6zawwhE%2B%2BhiGsVmkwgS1NKe46FZL%2FqTa4d29lMMpO0UnuWC4zYDiZHrQr%2BL4DQEB4scLX%2BBiug16JSYkQFYFtE9sXg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b9c4e85ebee0494-CDG
expires: Tue, 18 Apr 2023 11:43:25 GMT

GET
H3 200 56515324823B20B365599899F7CDEAEB06518780A43B3E7AB9DC3B7026550354C014E90B362FBE6746CDD7B1A883CB77E3AB8F8A4BC408ABCBB20C42D62BACFF
assets.ad4m.at/logo/ Frame BEBB 15 KB
16 KB 28ms
28ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/56515324823B20B365599899F7CDEAEB06518780A43B3E7AB9DC3B7026550354C014E90B362FBE6746CDD7B1A883CB77E3AB8F8A4BC408ABCBB20C42D62BACFF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198a13fd37b3d45a2a089dc1c04c1691eaf37c9983a08ea5ca01c44d89b01049

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2091320
cf-polished: degrade=85, origSize=25367, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15646
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 08:28:37 GMT
server: cloudflare
etag: "dfa1686790e6feac388f794e778aee4e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyPsm4pqWqjB%2FZrwIZeJyWVcQFrd8Suq2u9shdTs1sgIdL50UJoy%2BnkWmwSRFbvnoNqQWX0gOYui7CmhJHNsqA2tjsV4E0EleryJQUeT9bhpJjNYTbBczzDw5DzRt7bb7DGOCWy5ysiAAshN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e85ebef0494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H3 200 D0574E0413E4E2BF9F008E0925864824C9C91D7469B0410E2F3EB73D162C6D34C8AF516C4C6C55022713841D90D6D03D077D31DADDD18ED4358557306F688430
assets.ad4m.at/product_image/ Frame BEBB 44 KB
45 KB 27ms
26ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D0574E0413E4E2BF9F008E0925864824C9C91D7469B0410E2F3EB73D162C6D34C8AF516C4C6C55022713841D90D6D03D077D31DADDD18ED4358557306F688430
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8900dfcb3fb3061252db53c35479af4ed2ac43949275adbdace2737b361674b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1023033
cf-polished: degrade=85, origSize=87656, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44946
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 08:38:48 GMT
server: cloudflare
etag: "1fa3c4594e12e50f0f5fe57e7d45863b"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xrr56w9p0o5ujGlVZbHg7VDIazWZzykuc2o0lEP%2BTT%2Bk1iIju6Olx63%2ByiNjt%2Bl%2F2XpnpbJrG3HVtrgT1MhoNQLbjlH8LKgkHMEp9b3Zf6CghTnMmIgIDNaEF%2BO2DP7pYx1tbY0uzw%2Bo6Utl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e85fbf30494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame BEBB 43 B
3 KB 65ms
63ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.metaffiliation.com/trk.php?taff=P510DF956C8631D43&argsite=oneidXgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84oneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.016924142837524
Connection: keep-alive
X-TRK-PROC: 69113
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 5
Server: nginx
Last-Modified: Tue, 18 Apr 2023 10:43:25 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 8E6112E24CA72CECF391231BFB8CBE06C5595D2145E07986C0615093B1948C8152DB90DEF32D37BB457C10E953AC1F45588FDDD710A0C889448C05BBE2B71014
assets.ad4m.at/logo/ Frame BEBB 9 KB
10 KB 43ms
42ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/8E6112E24CA72CECF391231BFB8CBE06C5595D2145E07986C0615093B1948C8152DB90DEF32D37BB457C10E953AC1F45588FDDD710A0C889448C05BBE2B71014
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3e9f8d954bbc4ccaaaba37ec087200fc27613396bef7935fa0057a5b125d8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1972435
cf-polished: qual=85, origFmt=jpeg, origSize=25686
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9246
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Feb 2023 14:39:55 GMT
server: cloudflare
etag: "fbfe879b30f0a3016143c62a03cc7950"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oT4O9gbvJ71EcyEWQ8U1mVatwRUvf4IgRry9VRx7wLHWBsEkIvbCuDliW%2BtCKJbXXm4y5YwfukudMwqjIjerUKRgnSYGFI6OBpdpeB3jwKBrqcfcF03MGPCrdG0Jb7%2BPMqYPoyhARBt4dmYz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e85fbf50494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H3 200 C0623A880E9DE99DCED5DFEA7C126B0D438A62D5526E0A539A5E06A470223213EEA75F6815823799B21D97E82BEEFD9E9ECDD76A1A443D1E9AB398D084283187
assets.ad4m.at/product_image/ Frame BEBB 20 KB
21 KB 262ms
260ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C0623A880E9DE99DCED5DFEA7C126B0D438A62D5526E0A539A5E06A470223213EEA75F6815823799B21D97E82BEEFD9E9ECDD76A1A443D1E9AB398D084283187
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d70ce3634a802c55840a92bd6521cc811972195b5374f45b2e3a4f4efc138e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1972432
cf-polished: qual=85, origFmt=jpeg, origSize=52383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20812
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Feb 2023 14:42:27 GMT
server: cloudflare
etag: "464e2b4d29297d5a40e7eb7599c424eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEnJbt1slcGSjZH3CqCfgKrUCp0yrCFXHKbi4RYaUpcp%2B5pe%2BIzc3vwVMB54XjXs2%2Fe%2FR%2B7AVOh7gHyPGh%2FQjuq%2Ba6BEVFi%2F%2BoVXZiHwtHpw7LMJqQD7Ue6xoF5tUu%2FvwByWp1iiWpUAb9GK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e85fbf60494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame BEBB 43 B
3 KB 67ms
65ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.metaffiliation.com/trk.php?taff=P51100556C8631B19&argsite=oneidRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQxoneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.018950939178467
Connection: keep-alive
X-TRK-PROC: 69637
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 3
Server: nginx
Last-Modified: Tue, 18 Apr 2023 10:43:25 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame BEBB 14 KB
15 KB 279ms
278ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2480314
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSUJPt%2F%2B3yd3LS12fcT8iDBSXQzBbGUdTUMnyLtEz0%2FrE8HWk6gha9KvoEU25plKnEeAYa0CRafdsNNGPFWMIs3Gev4CbtDAUt4gZylpGzoyiclyN%2Bsvt4vdmGMnuj6iMxt8v3AA1lI0exiW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e85fbf70494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H3 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame BEBB 274 KB
275 KB 43ms
42ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 794887
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOQbugAPqf47kYJqbL6arnGVZWDcK5YjktOnZScoHtW%2BmZqunjeMTW5gtD%2BfU5QXp%2FTQvCWiJqkE6yMGzgYsXThRmkHT1OApE0LHVLpHwroEbmGh36tVruyZaAHbmjJg2tlw1C6WNi4nnULj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b9c4e85fbf80494-CDG
expires: Wed, 19 Apr 2023 10:43:25 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame BEBB
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmdoneid__suite_Netmix_Reach142_France_MoreVolume&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

20ms
19ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
content-encoding: gzip
age: 3414
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135736
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUFR16276
etag: "5e15e184-21403"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes

Redirect headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.030107975006104
Connection: keep-alive
X-TRK-PROC: 58179
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 1
Server: nginx
Last-Modified: Tue, 18 Apr 2023 10:43:25 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 3288-murray-has-24-in-win-after-early-adrenaline-settles.jpg
all-news.co/wp-content/uploads/2023/04/ 55 KB
55 KB 34ms
33ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3288-murray-has-24-in-win-after-early-adrenaline-settles.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: a02fa41b2e947801de119035024ce9709dc6b429e0c71536b0adde2da8f22fa8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 03:43:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "da1d-5f9941be41a8a"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 55837

GET
H/1.1 200
OK 3284-leeds-1-6-liverpool-jota-scores-brace-to-end-goal-drought-in-elland-road-rout.jpg
all-news.co/wp-content/uploads/2023/04/ 199 KB
199 KB 34ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3284-leeds-1-6-liverpool-jota-scores-brace-to-end-goal-drought-in-elland-road-rout.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d0835a49440a1a0bf7bcb067866139190ba9b9a36d46f840c626891f7cb98c25

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 02:43:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "31bc6-5f99345ca0876"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 203718

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 87A5 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QrgVmQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 3282-liverpool-dont-need-bellingham-they-need-more-gakpos-and-jotas.jpg
all-news.co/wp-content/uploads/2023/04/ 199 KB
200 KB 34ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3282-liverpool-dont-need-bellingham-they-need-more-gakpos-and-jotas.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 3e8aba35e311921c7c0f18dc4aac59bd6f04fc39498ab97de2ace42bd56d86e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 02:43:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "31d6f-5f99345c4920b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 204143

GET
H/1.1 200
OK 3280-klopp-says-one-liverpool-facet-best-for-decades-speaks-out-on-top-four-chase.jpg
all-news.co/wp-content/uploads/2023/04/ 178 KB
178 KB 89ms
88ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3280-klopp-says-one-liverpool-facet-best-for-decades-speaks-out-on-top-four-chase.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b2628b197090cf140287d3cf378d38c9f3246e873be30aefad546068b34bec85

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:25 GMT
Last-Modified: Tue, 18 Apr 2023 02:43:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2c898-5f99345b82e35"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 182424

GET
H/1.1 200
OK 3284-leeds-1-6-liverpool-jota-scores-brace-to-end-goal-drought-in-elland-road-rout.jpg
all-news.co/wp-content/uploads/2023/04/ 199 KB
199 KB 35ms
34ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3284-leeds-1-6-liverpool-jota-scores-brace-to-end-goal-drought-in-elland-road-rout.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d0835a49440a1a0bf7bcb067866139190ba9b9a36d46f840c626891f7cb98c25

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 10:43:26 GMT
Last-Modified: Tue, 18 Apr 2023 02:43:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "31bc6-5f99345ca0876"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 203718

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230413&jk=3008958241035527&bg=!trWlteHNAAZA7GLoYOw7ADkAdvg8Whn9lX1vusSYCcXPtl6RL2VTAklwn_BPrJ_lNUOpWe3oRPBGXHPRtw1HWL5PkIH0BqOgiToCAAAAYFIAAAACaAEHmQLS2F8z-5RsaIDzCB_DNdXa_woLJ7oCrg4KR3-TCJ9zJSscT9EbbNw0DTPPVdh4WJtLfQQID-0RACgApfJJbAyiDLqqw98eqKVcr3groEvstOlqubhOOsVdLYNtnZw9BD4uQ0axY6JVeMeqC3LVOj8bOmWw_S5cafaZwrJCM8-O_icF9ZzA0KC4V2P8yCZvxRRbMcjS77GcZyZJjUTlepXCPOau_JmsVYcQPKoh-cf8-fZofUzlQTaiDkoPC734g1bo3YcPZCy9sqzerWfZhSqrd7jxxAQM8faKpz6vtlCMClBNo07lzxU84DVi4A1hYzlwp_E2IEduXJtV8moKz-JRGzP_ardBHlA4_G2w9c9qGYdpjlm6vvDuNhDG_duCM-3RV5yyPQxJsR3smRyCgmj3UlMZg3FW81FSLXoKgRwvSKQp9umzZqZ_1Wf-euJMFF_pI6Wwzs4yJCHTbgS8xXpmDwEAfbEpScBkM2LNN9DMgpAYQKwx-emoqKeSpOBgn2GPg81zxaNHHRXTRLyCWqd8_LXzzE21m-qqlpK1CXQUtQScdHCNCh2ST15RAzMENwsJ9qMNa11ZWkBhS-yBCDiQA3kgU-YP6Tp0tx7eFHo3joIoFskBHQXbLtjQi0RTYnsUMKfoIWUib44IqOYBHi1SNvrc2YDanm76B7XMbJ-5dFhPcobWhkFow0fUPEzllrRuXNhWYAEG6thz2O-m0hzTBMejIv7sgjRb5FZ-uvkLraaWaOVAodZEbFj3HS00TjTHpXIJTxKo8ksEnEpLDu03OU-6SoNi_kyh4KHivV77VPH0m9PWg8hrNMw0oTZSY74t2WUkfggPWcToJpWzkHG9ye4BPQL_vzvP8bGylEcrMFjWcOwi4GlovO3NVihjYrBqr0zHRm340px6lfcb3JKz9i9MbcbJwwYJkgjPnhco4F3D5_QsGxBYz53Lmq99sEStpw4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 2095 6 KB
669 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1681814605&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814605542&bpp=1&bdt=3944&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250%2C324x250%2C1600x1200%2C160x600%2C200x600%2C1005x124&nras=8&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x%2CAHQMDFeZldKphl3627wRErJu9ONhUEkUCcBwwiZcbZ6e6SdbcvJ2R4SLYVDoPNYRP6ZeWdYhQDQ5NlGkI30FwgATn7YBhYb5HB3ksRcvDDfoRJikemMnFg%2CAHQMDFe8HwhG5eYGPYAY1naLoxIL4hsn3kqXpJIhqUmXyWGuryKwD3GBtRHqqb5SnfC10bBmaU2ZyQ9OThwwSB_nwnj2BPrSm1Dke12sJ4F6V7HFBpk%2CAHQMDFfe8Mty3UjUvjSSPJbS8-PgrAh59UhIBKFd4wLXlwLGlZZrtz39crHJRNWDcIo9ABOjWxRpBLSe2Y8NEC_TS_3n48LNcutg6EYuipIbQjUg-yHAJg&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=8&fsb=1&xpc=QuuF9C31UA&p=https%3A//all-news.co&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Apr 2023 10:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 10:12:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Apr 2023 10:43:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 2095 2 KB
770 B 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 18:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 18:48:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame 2095 22 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:08:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 2095 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 2095 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2095 159 KB
49 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 10:43:26 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 2095 33 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 19:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 19:53:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2095 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CREGuTXQ-ZPOlJuTVhAbGj5PgBty5wIpw99vs3qUR9ofB45YOEAEgzNPsggFg-wGgAaGV8u0CyAEJqQLUwqOy8l6yPqgDAcgDywSqBL8BT9BsXp1brR_T_T0AfTzjp6BB92k4j730JGJEW9nFPlheEUNdVo7KFuprXMaO4mijuHjvts4H_hGeQ6GBzD6aZPVpxhqMxKkkwLsZJeWFwkWUFJHX3wwpG69i7ryQysPBZ9IHng5jKyptz_cAn8yUEl4io6ZHpFHMpmfck9cJPeKd11IUCIb_zzmLEA3CyzbMKV2KrPm4993uKMpfxWwuRotusnxDihwJ0d3bb-CB7Ij74y927adyVt-NrXj6eQ3ABNe74JGpBJIFBAgEGAGSBQQIBRgEoAYugAfH6o2SAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMHmAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=fs2_Mgc1dmc&uach_m=[UACH]&cid=CAQSOwBygQiDkIjRZTsznzwlZNaXBnnixjKPwx9cPZA15hEvxXhQFPYR-iYweXRn_ct0iBob9naG9Vwb9Rw7GAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1681814605&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814605542&bpp=1&bdt=3944&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250%2C324x250%2C1600x1200%2C160x600%2C200x600%2C1005x124&nras=8&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x%2CAHQMDFeZldKphl3627wRErJu9ONhUEkUCcBwwiZcbZ6e6SdbcvJ2R4SLYVDoPNYRP6ZeWdYhQDQ5NlGkI30FwgATn7YBhYb5HB3ksRcvDDfoRJikemMnFg%2CAHQMDFe8HwhG5eYGPYAY1naLoxIL4hsn3kqXpJIhqUmXyWGuryKwD3GBtRHqqb5SnfC10bBmaU2ZyQ9OThwwSB_nwnj2BPrSm1Dke12sJ4F6V7HFBpk%2CAHQMDFfe8Mty3UjUvjSSPJbS8-PgrAh59UhIBKFd4wLXlwLGlZZrtz39crHJRNWDcIo9ABOjWxRpBLSe2Y8NEC_TS_3n48LNcutg6EYuipIbQjUg-yHAJg&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=8&fsb=1&xpc=QuuF9C31UA&p=https%3A//all-news.co&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 10:43:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/14720220374811816195/ Frame 2095 52 KB
52 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14720220374811816195/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796cd8483abbd5dab817f94bbabc67e9d72b0a92aba74799e1ed245572a88f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 03:59:14 GMT
x-content-type-options: nosniff
age: 24252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53440
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 18:43:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Apr 2024 03:59:14 GMT

GET
DATA 200
OK truncated
/ Frame 2095 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5ab9ee9e13a9e0476d3680e0d8002d168a39b6cf05486dfea9533809d0c165e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 883F 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 10:08:36 GMT
etag: 48472445140208031
expires: Wed, 19 Apr 2023 10:08:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2095 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df013962b1dd943a34c1dc2f01e85144ac8ae916b6606ccef13fb212a3008ad0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 883F
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOH_DPRxmGJdErWxtnZaHEc&google_cver=1&google_push=Aer7DvJI4tgfdz14CYVJfDQ1fkqzCUnEJLdgZOsy9Wz6fhb7RQKAs3PSxy...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvJI4tgfdz14CYVJfDQ1fkqzCUnEJLdgZOsy9Wz6fhb7RQKAs3PSxyHYThoUYbdMQqnZaA1nCbUN0TnPzKQFu3OTL9VWoDVfcvo&google_hm=_Bw4CnOGD...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvJI4tgfdz14CYVJfDQ1fkqzCUnEJLdgZOsy9Wz6fhb7RQKAs3PSxyHYThoUYbdMQqnZaA1nCbUN0TnPzKQFu3OTL9VWoDVfcvo&google_hm=_Bw4CnOGDisbtKrY-R-cOw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvJI4tgfdz14CYVJfDQ1fkqzCUnEJLdgZOsy9Wz6fhb7RQKAs3PSxyHYThoUYbdMQqnZaA1nCbUN0TnPzKQFu3OTL9VWoDVfcvo&google_hm=_Bw4CnOGDisbtKrY-R-cOw
pragma: no-cache
date: Tue, 18 Apr 2023 10:43:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 883F 0
103 B 21ms
19ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGVm_OCGxRSKtH95cjZc7D8&google_cver=1&google_push=Aer7DvIWEuCDjEBtva0CEpF6_lVdlmnhCZEUSLrsWqES3E6gpYZCGCSZm2D5zlwNCPwRDOH-JJUi_n2bxIYR1NZLk42Kg5MpBuwlAKg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1681814605&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814605542&bpp=1&bdt=3944&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250%2C324x250%2C1600x1200%2C160x600%2C200x600%2C1005x124&nras=8&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x%2CAHQMDFeZldKphl3627wRErJu9ONhUEkUCcBwwiZcbZ6e6SdbcvJ2R4SLYVDoPNYRP6ZeWdYhQDQ5NlGkI30FwgATn7YBhYb5HB3ksRcvDDfoRJikemMnFg%2CAHQMDFe8HwhG5eYGPYAY1naLoxIL4hsn3kqXpJIhqUmXyWGuryKwD3GBtRHqqb5SnfC10bBmaU2ZyQ9OThwwSB_nwnj2BPrSm1Dke12sJ4F6V7HFBpk%2CAHQMDFfe8Mty3UjUvjSSPJbS8-PgrAh59UhIBKFd4wLXlwLGlZZrtz39crHJRNWDcIo9ABOjWxRpBLSe2Y8NEC_TS_3n48LNcutg6EYuipIbQjUg-yHAJg&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=8&fsb=1&xpc=QuuF9C31UA&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:27 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 883F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvJwKFf32nd68UdWvbqU5dl7s732olJkZ8fB9SdCReL...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvJwKFf32nd68UdWvbqU5dl7s732olJkZ8fB9SdCReLd55dLoUxg6nRR_bfCNROQntiaqVCyyzlJdS979P9p3WuJZ09PD7iNNrM

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Apr 2023 10:43:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-09a32cc2c473a3db5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUxVVDFFNmgxUE9JTzA1&google_gid=CAESECcuBkSd5QoGpqvgod1_ekI&google_cver=1&google_push=Aer7DvJwKFf32nd68UdWvbqU5dl7s732olJkZ8fB9SdCReLd55dLoUxg6nRR_bfCNROQntiaqVCyyzlJdS979P9p3WuJZ09PD7iNNrM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 883F 43 B
64 B 25ms
24ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAeRgjJPQWgS3jinXX3DgbY&google_cver=1&google_push=Aer7DvIvGhpERGTBtMye-UDM-3yrx1GP3DsJ9QX4BNR-NkwF1S-r-a_OOeTA8-IlfQBIcby_DHXYPt7I9A02xs6AAKZK4ru_7Thi0AY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1681814605&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681814605542&bpp=1&bdt=3944&idt=1&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D44d476778ba81456-2278f6069edd00cf%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g&gpic=UID%3D00000bd7fe16a951%3AT%3D1681814602%3ART%3D1681814602%3AS%3DALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250%2C324x250%2C1600x1200%2C160x600%2C200x600%2C1005x124&nras=8&correlator=8747767644896&frm=20&pv=1&ga_vid=819111063.1681814602&ga_sid=1681814602&ga_hid=1606175021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C42532185%2C44759837%2C44759875%2C44759926%2C44769661&oid=2&psts=AHQMDFd4KU_pRUv0F6I2bDslAtzK0UFUItcwLqTw0u5VB6jCd7amNLAgmFJ4kjejEGY7GD9Iblt2zjsK80CRqa4958cfTk2x%2CAHQMDFeZldKphl3627wRErJu9ONhUEkUCcBwwiZcbZ6e6SdbcvJ2R4SLYVDoPNYRP6ZeWdYhQDQ5NlGkI30FwgATn7YBhYb5HB3ksRcvDDfoRJikemMnFg%2CAHQMDFe8HwhG5eYGPYAY1naLoxIL4hsn3kqXpJIhqUmXyWGuryKwD3GBtRHqqb5SnfC10bBmaU2ZyQ9OThwwSB_nwnj2BPrSm1Dke12sJ4F6V7HFBpk%2CAHQMDFfe8Mty3UjUvjSSPJbS8-PgrAh59UhIBKFd4wLXlwLGlZZrtz39crHJRNWDcIo9ABOjWxRpBLSe2Y8NEC_TS_3n48LNcutg6EYuipIbQjUg-yHAJg&pvsid=3008958241035527&tmod=1637578495&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=8&fsb=1&xpc=QuuF9C31UA&p=https%3A//all-news.co&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: lvlqp11ntfsjnof814qbfas94o5itknb

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 883F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKvPksyi_9Onu1wBoKYMF-MiuVLkE6IdW01m2wjxvTbDjwXxlfZbuuKAjaI4pEKsCnYOlaJN1_HdN9UJ-EaLUI7AhRQYYRmot8

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dY7Ai8niRXGXZW-Den3Vjg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKvPksyi_9Onu1wBoKYMF-MiuVLkE6IdW01m2wjxvTbDjwXxlfZbuuKAjaI4pEKsCnYOlaJN1_HdN9UJ-EaLUI7AhRQYYRmot8
date: Tue, 18 Apr 2023 10:43:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 883F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEdwNh1ia0WUl7EaJ26GTlA&google_cver=1&google_push=Aer7DvIdL21T-kgU5AuAaFQAGyjgXBKJtRcux-6fDbDyaIOQAk01SAOIqJC-IBdjyjpcbbvNUJy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdNNFpTMFEtNC0xUkVW&google_push=Aer7DvIdL21T-kgU5AuAaFQAGyjgXBKJtRcux-6fDbDyaIOQAk01SAOIqJC-IBdjyjpcbbvNUJy4ROhki9rgxUCQlsY9Bsjeg-cQU9M

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdNNFpTMFEtNC0xUkVW&google_push=Aer7DvIdL21T-kgU5AuAaFQAGyjgXBKJtRcux-6fDbDyaIOQAk01SAOIqJC-IBdjyjpcbbvNUJy4ROhki9rgxUCQlsY9Bsjeg-cQU9M

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdNNFpTMFEtNC0xUkVW&google_push=Aer7DvIdL21T-kgU5AuAaFQAGyjgXBKJtRcux-6fDbDyaIOQAk01SAOIqJC-IBdjyjpcbbvNUJy4ROhki9rgxUCQlsY9Bsjeg-cQU9M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 883F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFubzuFm_iUVGG-0wf2z6ZE&google_cver=1&google_push=Aer7DvL6WXxdzunlUkD1lHdiBzrcfkCSdx4mazA-12foTkx9ATH8WM7HsFFxhKkGuJZyi_9mTBAnDrVUORsn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL6WXxdzunlUkD1lHdiBzrcfkCSdx4mazA-12foTkx9ATH8WM7HsFFxhKkGuJZyi_9mTBAnDrVUORsnYLnPpGv8bsd9zy8bjYw

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL6WXxdzunlUkD1lHdiBzrcfkCSdx4mazA-12foTkx9ATH8WM7HsFFxhKkGuJZyi_9mTBAnDrVUORsnYLnPpGv8bsd9zy8bjYw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 10:43:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL6WXxdzunlUkD1lHdiBzrcfkCSdx4mazA-12foTkx9ATH8WM7HsFFxhKkGuJZyi_9mTBAnDrVUORsnYLnPpGv8bsd9zy8bjYw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 883F 0
12 B 33ms
32ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9Lv6TAKaC23MJp88iL88N5ppMD3hhsOJtfjmgcsF_mhdlKxoniPJh_LM5w1eX_UHmo4Wt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:43:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2095 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:11 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2095 15 KB
16 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 31336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2095 15 KB
15 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:14 GMT
x-content-type-options: nosniff
age: 673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:14 GMT

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8063 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 11:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 11:14:14 GMT

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.all-news.co/	1970-01-20 20:31:50	Name: __gads Value: ID=44d476778ba81456-2278f6069edd00cf:T=1681814602:RT=1681814602:S=ALNI_Mb9R-wkZQcyIGCyJSI2hluPcTbL7g
.all-news.co/	1970-01-20 20:31:50	Name: __gpi Value: UID=00000bd7fe16a951:T=1681814602:RT=1681814602:S=ALNI_MZNmtbTc4XY4sP6GkwYURM-kuXzVw
.doubleclick.net/	1970-01-20 20:31:50	Name: IDE Value: AHWqTUnPh7PbqiwGMIqpHf-HZE_eTrXzo5VWLqdK7ByF2whGSerMuc4pWvAWWaiTjKo
.doubleclick.net/	1970-01-20 11:10:18	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:10:15	Name: test_cookie Value: CheckForPermission
.quantserve.com/	1970-01-20 13:19:50	Name: d Value: EFQBCQHkKIEA
.quantserve.com/	1970-01-20 20:40:29	Name: mc Value: 643e744c-9d9d1-65a1e-b7596
.adform.net/	1970-01-20 11:53:26	Name: C Value: 1
.rfihub.com/	1970-01-20 20:31:50	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129Q_JLkr0K0ss9veKcjO0CDTPLQ5PNgjiNTSzMLQwNDEzMDE3tHzFiMoHALKS_ks9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129Q_JLkr0K0ss9veKcjO0CDTPLQ5PNgAASoqppx4AAAA
.rfihub.com/	1970-01-20 20:31:50	Name: rud Value: H4sIAAAAAAAA_-MStrA0MDe0NDM1NzYzMzUyMQayhfgMdXNMkhy9zHUNvTMKMgAYcKNiJQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MStrA0MDe0NDM1NzYzMzUyMQayhfgMdXNMkhy9zHUNvTMKMgAYcKNiJQAAAA
.adform.net/	1970-01-20 12:36:38	Name: uid Value: 2663030025166810140
.agkn.com/	1970-01-20 19:55:50	Name: ab Value: 0001%3AH9zDZylGaiTCbav1MGECIujLZia1ZPhD
.agkn.com/	1970-01-20 19:55:50	Name: u Value: C\|0CEAr0TDMK9EwzAAAAAAAAQ13AQCAAQpAAAAAAA
beacon.lynx.cognitivlabs.com/	1970-01-20 19:57:17	Name: UID Value: 9466f55a-a507-47eb-9ee6-5128be5604d5
beacon.lynx.cognitivlabs.com/	1970-01-20 19:57:17	Name: ss Value: eEc3zH3OSMXYEpkmRA2YyrJ2jZS41XIJOHAdfl8TNRXqQhXsE0FJQYrnQwhtURp7Xv2YkUlY%2F%2F%2FGamQ5CV%2FN%2BQ%3D%3D
.pubmatic.com/	1970-01-20 11:11:41	Name: KTPCACOOKIE Value: YES
.innovid.com/	1970-01-20 13:19:50	Name: uuid Value: 10ee791b-0f8b-4fd1-913c-dedab73315a3-20230418 06:43:24
.travelaudience.com/	1970-01-20 20:40:29	Name: _tracker Value: %7B%22UUID%22%3A%22E3FA5F1E-61EA-4440-AAC3-DF2D4EA7014E%22%7D
.yahoo.com/	1970-01-20 19:56:12	Name: A3 Value: d=AQABBEx0PmQCENj5YX0uJcIqJ_bggfUycMwFEgEBAQHFP2RIZAAAAAAA_eMAAA&S=AQAAAjKlbZrPgvfjJc5fN2WlVPk
.w55c.net/	1970-01-20 20:40:29	Name: wfivefivec Value: 9LUT1E6h1POIO05
.pubmatic.com/	1970-01-20 19:55:50	Name: KADUSERCOOKIE Value: 758EC08B-C9E2-4571-9765-6F837A7DD58E
.w55c.net/	1970-01-20 11:53:26	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-20 19:55:50	Name: everest_g_v2 Value: g_surferid~ZD50TQADpEwAwQBS
.metaffiliation.com/	1970-01-20 12:36:38	Name: neta_ssc Value: 72a7f457xbprikcy8rxiputnh2sk
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 72a7f457xbprikcy8rxiputnh2sk
.awin1.com/	1970-01-20 11:13:07	Name: awpv13463 Value: 412871\|1681814605\|d8bd71a0-ddd5-11ed-89a2-223974343f8d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 338696:3078744
.rentalmotorbike.com/	1970-01-20 19:55:50	Name: tsv Value: kMw!H_oYc2VBtys!AQ\|C6iA!A!~tncguKg*3x
.mathtag.com/	1970-01-20 20:36:09	Name: uuid Value: 0956643e-744d-4200-8cd4-a27b74adbd67
.mathtag.com/	1970-01-20 11:53:26	Name: mt_mop Value: 4:1681814605
.happ-e.fr/	1970-01-20 12:36:38	Name: neta_ssc Value: 2aebf457xbpz1jgdembvaodh1jbk
.happ-e.fr/	1969-12-31 23:59:59	Name: netases_ssc Value: 2aebf457xbpz1jgdembvaodh1jbk
.happ-e.fr/	1970-01-20 12:36:38	Name: kwknc_ssc Value: dp4b11756c8631b27-b25laWQ4V2c4c0RmOGZnRUpoZ0hKSEV0eHRRREdmR1N3VHA2V1R6RHIyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDE0Ml9GcmFuY2VfTW9yZVZvbHVtZQ%3D%3D
.happ-e.fr/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4b11756c8631b27-b25laWQ4V2c4c0RmOGZnRUpoZ0hKSEV0eHRRREdmR1N3VHA2V1R6RHIyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDE0Ml9GcmFuY2VfTW9yZVZvbHVtZQ%3D%3D
.metaffiliation.com/	1970-01-20 12:36:38	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZQXo2Q3JmM2YxZXpzVkg5SGV0UXRZNkFDa1MxVGRBZVVKUW1kb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDE0Ml9GcmFuY2VfTW9yZVZvbHVtZQ%3D%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZQXo2Q3JmM2YxZXpzVkg5SGV0UXRZNkFDa1MxVGRBZVVKUW1kb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDE0Ml9GcmFuY2VfTW9yZVZvbHVtZQ%3D%3D

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jkb5r8tbpnndgjxd3y90tvk701zases8b14rsa3f3py37mab7g1x7q7heyqhtc1xwg9a0z7dcg8wr2as8cbs1wm2qw47g5ps20yreh3zasr7g3kp6r82hxn4mkejxe8daftz2kt8b9wvt2f63dyrmb3b6qnc9gxsfhfnhhah56tvktks2sfvx9rkqn3dz7x748wn5s287r5sthkd7qjpx87tc9nfps8y8c0rkmbbaf9edpc5c49exse5sgpks55m9bfbve88p3py7ga8hr92hn8f1qntdqdbxhcfyj71ewn2dg2wvzcj369yqxhetb2pdhejqqa315e4vdzk4sz95r3b601750bshz0s3p26y8mrcjfzga11cn4psxmdgqxb8cpej23s7m2nvsfgt86rgg2y926ke61ynyptxq4xsbbdgh58ydy821wne2sv8kby471q7rhfq1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%26client%3Dca-pub-8439024877331049%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1k4ekyryr6gccvs4n0mwq5nennsnk7htmeve1pjdb0s7tae200tjtje7xnh27cxy1k09a1qy0v52kevyg84hq9hy54r9jb0sb4e90d6y0fhmjxnyhm09eds70hfd6zehq3d437cq179n6jm0cyppy76vmrt9t8gke195sk84pvw1jhgrse8w8tbn9kcv0tsja334238yh4dt5q03pym9jy1taf4ftctg5wm1vzgwd08m39ecn0neex8dt9ptynbcptzeetn9ban8f3yzh64zd7ppttn5b8dfyazahj3crk7nh59w4a2qmz5etqpx3868c4gdnrf72e6rmfxrf0xxftr7djwb44z33brh1kwa8f3fvhv0hdhkch0j6zrm13vw0gxytbz95y15203nkadxynx0emwpk8yk3mphrscnkbnc803rd8d948gn3918sjkwfcbn6vt49mvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%26client%3Dca-pub-8439024877331049%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=9ebc815a366253b29f1ce01423d54c9a%2F10902196287662206583&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605014&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kmqkqn3nxqgw1td4zwtqgkgbbh90h79qe74b7n0w39ch40x6mqj5j7yxsgq3pc7j948ppxzzwcskd4765vn110t6zwe44q3n79rrm9xdv386n63txe53htd9fbvhgm0vbr2cpxzx400sr1stfzh94c0bcf5zztskaxshhkwqqvyqgytcres1fhh63tk2dbxqnw0am7enmc4eghds3qq4ter06g86a60zzyths8h5h7a0nvvmdvf6kwrd3aaa3pa475cws7krwk1we61sa43ba2718%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4LARS3Q-ZM7gLqHVhAbn0pLwB-LSsvZhx7GOio4IwI23ARABIABg1waCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakC1MKjsvJesj6oAwGqBLUBT9C-7AS3zVc9jjmTyKRhY2IuJq9mUaGk3diCaZwZbVqY8qJ7lFTxYgwyyNtWG41CoVnNbmOzOwvJc8NlQ-j64ZzuYIbkQ9sS3TZO_xFI2J6Dz7KSztFihQ1J51raeZnFuJJGATPrEalmN929WcTCxvAwsORU5B8LYyX7qdrtVhuYFNZvu_UP-OLpCE0InwPMlrjo4OacLh4lLSVsw0jWo_aVWIAsLl-Z2Ac3J0wV2ZkiX9NEpYAG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1nG3-OFsQQx7J00Y6z1R15qQ1_xw%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=468528%2C324053%2C23302&b=mQGeSefGfYG9eamHZHZtztWYmmUKSwTeMRTbJMK%2CbGzphQfZfq1mYfYHbHztKtEDwBfbSJTMm9s2wj9%2C8Wg8sDf8fgEJhgHJHEtxtQDGfGSwTp6WTzDr2&f=7AB8CqfzfA3MxUrHXHgtECY8EEa4S1TQbwfE9eK%2C3rBVTpf4fVdj3T7HrHAtXCMr9GFPSWTKX2hA4wq%2CZZzMawfBfKGDumHDHDtDCPArT6SXTQ41f27r3&c=300&d=250&e=&g=3dd1e6af09ea1eecfca84decc03c80d6%2F1268962777613406560&i=114388%2C111727%2C27349&j=52%2C16%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0xjdg3tce9f3yb2m2y5gf6cahehfy17pahhffjgg33bn4fnh49na0rzjw8gc4g2kjkdt3bj6cnr5xykts2z370etdrbm67zv9bsjk29sn1vp4xqzhvz97e50rsvn3r4ysq6q2zst13m54v4j08q31bxnc6v5szvj7pjtc6a00r2wrfs2e383xt5g0dcsrvdm2qkhzax2dgkabax9m63es0ve1zhkpc0cd5skcbmq4cz9r88vf0na8q8xvcnfvf62ck1wmevbf5qzdnjcvk1tgs5w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyVoKS3Q-ZKGKLKqKrr4P1_iziA3i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAtTCo7LyXrI-qAMBqgS1AU_Qn847f8bN8gd0r6CZPdWNTXF0kYxnmDPlpBKRs56gihxMaNCk_CwXMoe9ZGB-hQVnL33HHWw6K6dValP-MZ7xXtF9Q1HIwu14RWYnhi2HJI2qtRuejNeeIkh1O7QghQD_jQ8FUdDEJK2gFEGlebk7MLyLqP4gDg7bSWSu_qDifgx9IVEQAEaMtt7qZBE9CXC-EXxUzIOtD8NNC8ExKwUw5A5q18DhXQOciXYAyaTUgXxzociABuqP7urn5-L1hAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1doSAOhBx17IK1G6qB5lA41Pw6Tg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1gse7ky4y33q8ee0m7kn0s4p7j4ewjzbngn1j66xa7xrtqsj8banzt057k74n3asxw88jdspnsgz2y3kz9dj72syg2kha7vx9amyasc8ve7mxnh88rbgevax44e62ngd88vawwc7jz5w9rytey5axp07tv0xepvy4p9rty08ep1dh4d0cx4b2xr537v22hxhgpmtgkmd6egdy5xhpgq4c1hk6f9kx2e5jz8npcn534ea86na0n6dtfyc832cdrejjt1v3cradzekekne2ghkhatzx46zg518w51n3jn8dmbcm1y2a7x7mmfyeyanbbqser8r8qcy0nbqm9b3a6eyezrcp7qss2qq4tnazyfat12qyvjdn21ak4z3kjak7vnrqsev6nz05a787zc74b4dphg4fahwh98gy6gh0nnf1tzwya2kksmspkr988z49g2509xx27vbw26g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%26client%3Dca-pub-8439024877331049%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=331863%2C337344%2C15737&b=XgeYczfrfxMJqc6H4HetqtY8XUQSkT5e9hXj84%2CRBPJhgfQfk8P2ukHwH3tQtwGzws9SzTYz9aDqQx%2CYAz6Crf3f1ezsVH9HetQtY6ACkS1TdAeUJQmd&f=e5z1C3fVfJKPxSjHZHet2CZ8PTwSQTKAwhYQzw%2CQEb9a4fjfpQ9XhxH5HYt9Cb23bH6S4TGdWCRG4Y%2CqxWKtmfWfD9ZsZHgHDtRCK48seSgTJKehpQBP&c=300&d=250&e=&g=84b6391c227ec945e72f6a2be71dd7e8%2F17322711227955574971&i=27718%2C74253%2C2951&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach142_France_MoreVolume&r=1681814605674&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhrjv91a5sb3q58mpg062v47kcdecg8cmmmkmxqbqsqmxqr2adfmv2qve8mjw7bqh0e7eaq8abaz0nedyxnfvfjh1qygmw2xwt3fww4fgqq8v1xrng156dpbe7svc3ngj8bzgjs28ecv8jgm22s03dxrbnc84hbxfmpn5tvq5xd3sjdggv2cdny3zkj2jnk76mmj6w187pd3668rytakm5jfrtvj8tkvazn1q0k16gc1vsqc374hgkdyk7x6423hvgepbk2ax0d7k5ckwrpas79cc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3AcS3Q-ZLnMLoSohAXN9bq4B-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCakCkIRnZppbsj6oAwGqBLUBT9ATvFatEmfmzmbSJVVrR-r2efqVnOaNKJjGwrF1ysjlObu-i6Y3lU8caYXuZW4-GqR-ybFERmiSw0UMppzPh20G_YkegeC5jcGXqKMX3qt2wwu8vWXcHW29UNw5KupPTIWw7vWSTsDU3ttxwns13eIS23UgN3PYggSt5L7r4FGwVE8PN1Dt70b3O011CWJGbUlP5BNCPIbFwHq8ULRvSK0JMaomzLnYnnC1BOxeTdds1Q4uZ4AG6o_u6ufn4vWEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EfGviKbpj-NcIbujuie5fAZlxlA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
action.metaffiliation.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.fr
ag.innovid.com
all-news.co
as.ad4m.at
assets.ad4m.at
beacon.lynx.cognitivlabs.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dclk-match.dotomi.com
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
img.metaffiliation.com
latner.rentalmotorbike.com
m.media-amazon.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
res.cloudinary.com
rtb.openx.net
static-de.ad4mat.net
sync-tm.everesttech.net
sync.mathtag.com
tiptopessen.online
tpc.googlesyndication.com
vcb.happ-e.fr
wms-na.amazon-adsystem.com
ws-na.amazon-adsystem.com
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
108.138.17.219
142.250.185.194
151.101.66.49
185.29.134.244
185.64.190.78
192.229.220.129
193.0.160.130
23.210.125.176
2600:1901:0:76b9::
2600:9000:225e:6800:1d:d7f6:39d2:2dc1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6813:a741
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:fa8:8806:20::2010
2a05:d018:d29:3602:3c62:769f:9ada:eb15
2a05:d01c:1d8:8100:7781:4495:ac65:b0a4
3.121.161.233
3.229.46.135
35.187.21.229
35.190.0.66
35.227.252.103
37.157.2.237
5.189.131.58
51.38.120.206
52.46.131.85
52.57.125.56
52.94.237.66
69.173.144.165
85.25.194.235
95.131.136.1
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
052aeff997a661ee5c12b4da9286a678d0f0fb08c1eefd00f25fe04d410575d4
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2
1465172ee245b3f97544f5cf018dea9f4182dd330844a03679f1afa8c91e8aba
17edef99bef680cc1c32e746657d7687fdc5fb9d195994300c2902983f948c8f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
198a13fd37b3d45a2a089dc1c04c1691eaf37c9983a08ea5ca01c44d89b01049
1a3fded969554c4ef1f2fa956c10ee4a8bd657bd87d60bb965c9866d8ee2530b
1a89f8c68a895c381e3458ba07a2f3c67281946a804d7ece174f5428ff13ef71
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1c33d2b3fdd0df6b009b984bb9c6a16d2c3c624c772e4f4362a1f2fc73c9c7e0
2422b40e621f2c9205f40f6f3227e2472391af93be84bba302a9dbc6efe18786
262e71e77a987421124a8888dc71cafe291b7501a89bee9cc18f109ea628ed5b
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
290c6afdd56d327deaf7c515969bd137b4d3fabcf2476e585eaa49c21a5e1ead
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fdf50fbd3a7b53640690ae5d248d246e60a7735577072746438c970864e250b
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
30ef6c6b72d6b7d411de69a0f68d352af11dce0de9b6a2a13704cdafd448b99d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
330bbc3629c7a405969b90a89a405e73c8b9ee031112b31c6b27390fb2394216
382678c90850780ce23f727f52331a6c3a6ac88747399ec75e8002c96d9781b9
3a7a20b40611c3c0cfbfac244061d7d5b79db8b6c9b78ed43ec11c0d952a7378
3e8aba35e311921c7c0f18dc4aac59bd6f04fc39498ab97de2ace42bd56d86e4
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
3f0ab2aa653a9a5c555943c2ce92a269b9335fdf3b8cd568f960e1216f82117d
4390f854512f2b29e3bc81d35572b75883f2a96ce0f146eca72d71ee3417d79e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
493142d9a638ea11c76a6d057aefee45ebab3dff77afd834e77c194e52ddff75
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5041bcdc7d3c868b268381ef8e00deb76484498202acf18bf4ed2487dd1a92d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf
58ec48d4b2f76f2e63e163a7292d6cf6fe8daee7e4e660dce65eacea9ebf8c3a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d70ce3634a802c55840a92bd6521cc811972195b5374f45b2e3a4f4efc138e5
5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
684eb93031676cc446b9ae1fde5c980d09342733775d44abe052c31b16c43e10
6c711e7939187c82f8ee963b72e8d9bb34338ee60be229dd0417527f57a1e8a1
726b5d151a553af830624fb750b99c4b55c10c6175766c29fcdcec7c245b1f0f
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
74eb51d454b85392a8a2025cc8736cb7fb8ae8ef4879d64c77bd5f27599faea4
796cd8483abbd5dab817f94bbabc67e9d72b0a92aba74799e1ed245572a88f51
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
7d78fea6c0a61aa98a97771861496949e3e8a0b3e736e898777116d99e91988f
7ef72da35a5d49f2277a6c30b667d990e73b3b6de297632da934f173598c8f5e
82c6cff4996c575f0df00e849848f266fc6017c19eafce9f8b621d8f1fe5de2a
833d480021e0c7dabb6b1a839eaa3e70843803e3a7f8bdd2eeba8007cb130bba
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8e3e9f8d954bbc4ccaaaba37ec087200fc27613396bef7935fa0057a5b125d8a
907c75a67c40695afaa4e6cf64d178000ce40c967640a6b2eb9b7b53807dfc6d
91b1f3d56b7999e52c3c07650e45c8624d456ec35e8bd2333a7170307dcb77dc
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017
95e4e392cc14ceca1448db3f32c0bb5d6dfdf05020c955f5492909eb7e6a6dea
9653a9edd7ed89208dfdfbf6dc4a8d7adc2acc4a560feacdda3d30cb6879c883
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9
a02fa41b2e947801de119035024ce9709dc6b429e0c71536b0adde2da8f22fa8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2dfcbfa434f2c9f633e38e914d0398d9b9f2033e70bd2e0c696d959e8ae90db
a2fe930e82faaf6889e91c7e43552a136bf54a779abd70f2a2680192e825c3e4
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59ce7ea08005afe7ad99ef17ca8ef9f2e85e20d8a61f253cb9644d0eaa3af91
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b2628b197090cf140287d3cf378d38c9f3246e873be30aefad546068b34bec85
b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28
b9d23ceb37946ecb8e0b9f81f4507bddb7c788f954df5d352e1ecde2643d50d6
bace2e8ecac5ad937e289ecab673d2cce6ef612bad0ba5b079de0560243c3ac4
bce0175c07744b4af1bd11d51e4925bd81572be7f8febf8da4f00c2acb9462e0
bcf3e6e4a35cb94185171bc176fb842b2e9a8e1d82c1b52f2e3b2f19f1ee98b5
bcfb8c842c67774da81bd08ee258e11c39be98b60838c760ec6aa93438d1a171
bd95205e9a1d26bcf8b72e41f6b19d85ac00830efebcae99a05e343a0c5b8311
bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5
be49950bb233dedd525e7fe74d73334cf81440f0ae6834246082253bc427b8fe
c0415527dbb6eebe1f03168848c499646fd2073fad08ce77c5d79d9bb61c8d72
c10a61f90c6fea05c4778ec6a311d002f808c31cd4915d0a7f86dccdf38b5252
c12cbb5ef078cd1e4ba73442d3d92ee46066fefbe9c69fa13d766a6d29d5bae8
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c3b53b878d85deddba8c6437a20209c5db96d5d669cc4462d4d5b48b8cedb7b9
c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbcb045d07c818a5c3d8129dae01a164d0c08f24309d036232e755b78856b05b
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
d0835a49440a1a0bf7bcb067866139190ba9b9a36d46f840c626891f7cb98c25
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d28f17021f343dc11e3ef559e83aa10c5797ae91e9235a5409c2613ee8c3de4f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d94ca4527129dcc614dfd54573ee4f338f9a8936c4a3cb62c52d6858a3e0d9aa
dc1ed4f62794ad5927220d9e6b4e11d69ba7e4b0c4b0f511bf70ce3702d99d0b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
df013962b1dd943a34c1dc2f01e85144ac8ae916b6606ccef13fb212a3008ad0
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e18444f26e7ab6cccc58eed5d7cfb5074d7ad4ed55bba3bbeb9e5b212d653c60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d35a7ea582a6f23d9f8167a3174d8f0a59c61229ad7195ba8ab78eedb8844f
e5ab9ee9e13a9e0476d3680e0d8002d168a39b6cf05486dfea9533809d0c165e
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49
f43ef8895064453530c715887da4cd1714b270f867a7147bd74455b62763704c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8900dfcb3fb3061252db53c35479af4ed2ac43949275adbdace2737b361674b
fa655ef31fd302281f62504e0c9ddc83ca79b261a57e546f91ae8889e2ef8e89

all-news.co Open in urlscan Pro 5.189.131.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

270 Requests

91 %HTTPS

49 %IPv6

35 Domains

45 Subdomains

30 IPs

8 Countries

6383 kBTransfer

9549 kBSize

38 Cookies

3 Outgoing links

Page URL History

Redirected requests

270 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

all-news.co Open in urlscan Pro
5.189.131.58 Public Scan

Screenshot
Live screenshot

Full Image

270
Requests

91 %
HTTPS

49 %
IPv6

35
Domains

45
Subdomains

30
IPs

8
Countries

6383 kB
Transfer

9549 kB
Size

38
Cookies

270 HTTP transactions
11 data transactions