www.onmanorama.com Open in urlscan Pro
96.16.151.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.onmanorama.com/
Submission: On April 06 via manual (April 6th 2022, 2:45:33 am UTC) from SG — Scanned from DE

Summary HTTP 264 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 54 IPs in 10 countries across 37 domains to perform 264 HTTP transactions. The main IP is 96.16.151.200, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.onmanorama.com. The Cisco Umbrella rank of the primary domain is 294574.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 8th 2021. Valid for: a year.

This is the only time www.onmanorama.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	96.16.151.200 96.16.151.200	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	23.35.237.37 23.35.237.37	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.16.89.20 104.16.89.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	69.192.160.133 69.192.160.133	16625 (AKAMAI-AS) (AKAMAI-AS)
12	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5	151.101.2.27 151.101.2.27	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 3	99.86.4.2 99.86.4.2	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:2a00:b:3c99:a880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:8c00:12:c2b1:eac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:27::... 2620:1ec:27::cafe:1761	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
22	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	18.66.245.194 18.66.245.194	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	99.86.4.66 99.86.4.66	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	172.105.43.230 172.105.43.230	63949 (LINODE-AP...) (LINODE-AP Linode)
2 9	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	88.221.111.24 88.221.111.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 13	54.76.90.159 54.76.90.159	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	23.35.232.134 23.35.232.134	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20d... 2600:9000:20d7:ba00:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	142.251.1.94 142.251.1.94	15169 (GOOGLE) (GOOGLE)
1	74.125.140.154 74.125.140.154	15169 (GOOGLE) (GOOGLE)
2	3.212.253.181 3.212.253.181	14618 (AMAZON-AES) (AMAZON-AES)
1	51.195.5.38 51.195.5.38	16276 (OVH) (OVH)
1 1	52.91.215.149 52.91.215.149	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.79.88.164 104.79.88.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.50.215.59 52.50.215.59	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	46.51.146.69 46.51.146.69	16509 (AMAZON-02) (AMAZON-02)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:6f::8	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	92.123.194.164 92.123.194.164	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	92.123.194.137 92.123.194.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c244	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.76.43.248 54.76.43.248	16509 (AMAZON-02) (AMAZON-02)
264	54

44 96.16.151.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-151-200.deploy.static.akamaitechnologies.com

www.onmanorama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
css.onmanorama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onmanorama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
specials.manoramaonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.onmanorama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-37.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-133.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179910.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.2 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-2.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2a00:b:3c99:a880:93a1 (United States)

ASN16509 (AMAZON-02, US)

me-ssl.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8c00:12:c2b1:eac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.mmonline.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1761 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.245.194 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-245-194.dus51.r.cloudfront.net

cf-images.ap-southeast-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-66.fra6.r.cloudfront.net

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.43.230 (Mumbai, India)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 172-105-43-230.ip.linodeusercontent.com

covidapi.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.111.24 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-111-24.deploy.static.akamaitechnologies.com

bcboltmmcltd-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.76.90.159 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.232.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-232-134.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.247 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:ba00:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.1.94 (United States)

ASN15169 (GOOGLE, US)
PTR: lb-in-f94.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.212.253.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-253-181.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.38 (France)

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.91.215.149 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-215-149.compute-1.amazonaws.com

eus-api.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.88.164 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.215.59 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-215-59.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.146.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-146-69.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:6f::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5ednsk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.194.164 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-164.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.194.137 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-137.deploy.static.akamaitechnologies.com

3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ef::5c7b:c244 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.43.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-43-248.eu-west-1.compute.amazonaws.com

scribe-news.mmonline.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 125 ade.googlesyndication.com — Cisco Umbrella Rank: 261	468 KB
35	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274 bid.g.doubleclick.net — Cisco Umbrella Rank: 492	302 KB
34	onmanorama.com www.onmanorama.com — Cisco Umbrella Rank: 294574 css.onmanorama.com — Cisco Umbrella Rank: 914319 img.onmanorama.com — Cisco Umbrella Rank: 254442 js.onmanorama.com	678 KB
18	effectivemeasure.net 1 redirects me-ssl.effectivemeasure.net — Cisco Umbrella Rank: 183788 t.effectivemeasure.net — Cisco Umbrella Rank: 48374 collector.effectivemeasure.net — Cisco Umbrella Rank: 30627 detect-survey.effectivemeasure.net — Cisco Umbrella Rank: 148079 survey.effectivemeasure.net — Cisco Umbrella Rank: 57731	14 KB
17	gstatic.com fonts.gstatic.com csi.gstatic.com	249 KB
12	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	2 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	230 KB
10	manoramaonline.com specials.manoramaonline.com — Cisco Umbrella Rank: 213918	77 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 imasdk.googleapis.com — Cisco Umbrella Rank: 405	128 KB
8	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 257 gcdn.2mdn.net — Cisco Umbrella Rank: 937 r3---sn-4g5ednsk.c.2mdn.net — Cisco Umbrella Rank: 686560	3 MB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1230 i.clarity.ms — Cisco Umbrella Rank: 2095 c.clarity.ms — Cisco Umbrella Rank: 644	25 KB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 4746 metrics.brightcove.com — Cisco Umbrella Rank: 3558	4 KB
6	akamaihd.net 2 redirects bcboltmmcltd-a.akamaihd.net — Cisco Umbrella Rank: 561556 trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1968 3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1963 eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net	444 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8069 www.google.de — Cisco Umbrella Rank: 5640	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	4 KB
4	boltdns.net cf-images.ap-southeast-1.prod.boltdns.net — Cisco Umbrella Rank: 145186 manifest.prod.boltdns.net — Cisco Umbrella Rank: 4520	15 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 132	2 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 431	51 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	100 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 326	917 B
2	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 2549	933 B
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 806	536 B
2	mmonline.io sdk.mmonline.io — Cisco Umbrella Rank: 346232 scribe-news.mmonline.io — Cisco Umbrella Rank: 180971	11 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1259 c.go-mpulse.net — Cisco Umbrella Rank: 552	49 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	80 KB
1	akstat.io 02179910.akstat.io — Cisco Umbrella Rank: 59093	204 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 230	553 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 428	338 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1197	632 B
1	ccgateway.net 1 redirects eus-api.ccgateway.net — Cisco Umbrella Rank: 8495	619 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 607	1009 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	476 B
1	unibots.in covidapi.unibots.in — Cisco Umbrella Rank: 228220	11 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 4816	7 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3396	202 KB
264	37

	Domain	Requested by
25	img.onmanorama.com	www.onmanorama.com
23	tpc.googlesyndication.com	946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com www.onmanorama.com tpc.googlesyndication.com imasdk.googleapis.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
22	pagead2.googlesyndication.com	www.googletagmanager.com pagead2.googlesyndication.com www.onmanorama.com googleads.g.doubleclick.net 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
13	collector.effectivemeasure.net	1 redirects www.onmanorama.com t.effectivemeasure.net
13	fonts.gstatic.com	fonts.googleapis.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.onmanorama.com 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.onmanorama.com 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
10	specials.manoramaonline.com	www.onmanorama.com specials.manoramaonline.com
9	www.google.com	2 redirects www.onmanorama.com 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com tpc.googlesyndication.com
7	fonts.googleapis.com	www.onmanorama.com specials.manoramaonline.com 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
5	s0.2mdn.net	www.onmanorama.com s0.2mdn.net
5	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
5	i.clarity.ms	www.clarity.ms i.clarity.ms
5	946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	metrics.brightcove.com	www.onmanorama.com
5	css.onmanorama.com	www.onmanorama.com css.onmanorama.com
4	ade.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.onmanorama.com www.google-analytics.com
3	googleads4.g.doubleclick.net	www.onmanorama.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	manifest.prod.boltdns.net	players.brightcove.net
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.onmanorama.com
3	cdn.jsdelivr.net	www.onmanorama.com
3	www.googletagservices.com	www.onmanorama.com googleads.g.doubleclick.net
3	www.onmanorama.com	www.onmanorama.com js.onmanorama.com
2	c.clarity.ms	1 redirects
2	r3---sn-4g5ednsk.c.2mdn.net	www.onmanorama.com
2	match.adsrvr.org	2 redirects
2	dmp.adform.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	survey.effectivemeasure.net	t.effectivemeasure.net
2	imasdk.googleapis.com	946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
2	bcboltmmcltd-a.akamaihd.net	players.brightcove.net
2	www.google.de	www.onmanorama.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	edge.api.brightcove.com	players.brightcove.net
2	www.googletagmanager.com	www.onmanorama.com
1	scribe-news.mmonline.io	sdk.mmonline.io
1	02179910.akstat.io	s.go-mpulse.net
1	eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	c.bing.com	1 redirects
1	gcdn.2mdn.net	1 redirects
1	beacon.krxd.net	www.onmanorama.com
1	pixel.mathtag.com	1 redirects
1	eus-api.ccgateway.net	1 redirects
1	id5-sync.com	www.onmanorama.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	detect-survey.effectivemeasure.net	t.effectivemeasure.net
1	c.go-mpulse.net	s.go-mpulse.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	covidapi.unibots.in	www.onmanorama.com
1	t.effectivemeasure.net	me-ssl.effectivemeasure.net
1	cf-images.ap-southeast-1.prod.boltdns.net	www.onmanorama.com
1	www.clarity.ms	www.onmanorama.com
1	sdk.mmonline.io	www.googletagmanager.com
1	me-ssl.effectivemeasure.net	www.onmanorama.com
1	vjs.zencdn.net	players.brightcove.net
1	s.go-mpulse.net	www.onmanorama.com
1	js.onmanorama.com	www.onmanorama.com
1	players.brightcove.net	www.onmanorama.com
264	68

This site contains links to these domains. Also see Links.

Domain
www.manoramaonline.com
epaper.manoramaonline.com
play.google.com
itunes.apple.com
www.manoramanews.com
www.manoramamax.com
www.radiomango.fm
subscribe.manoramaonline.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
www.m4marry.com
www.helloaddress.com
www.quickerala.com
www.qkdoc.com
www.manoramahorizon.com
www.vanitha.in
www.theweek.in
www.manoramayearbook.in
www.theman.in
advt.manoramaonline.com

Subject Issuer	Validity	Valid
manoramaonline.com DigiCert SHA2 Secure Server CA	`2021-10-08` - `2022-10-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2021-08-04` - `2022-08-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.adapter.ooyala.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-13` - `2022-06-14`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.effectivemeasure.net Amazon	`2022-04-06` - `2023-05-06`	a year	crt.sh
mmonline.io Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
cricket.unibots.in R3	`2022-02-22` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-03-29` - `2022-06-07`	2 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.onmanorama.com/
Frame ID: AC42EDF1EDC6D02CEC52A9EC8A853C8A
Requests: 134 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/J3MDQ-48JJW-ZLEFB-4N52D-G4L2D
Frame ID: F14D16ED8CACD6ACC278284122D21B1D
Requests: 4 HTTP requests in this frame

Frame: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9EC16BA828990B89B9EC623A354E5B8E
Requests: 1 HTTP requests in this frame

Frame: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Frame ID: A61CECFF63D9997035D9C732ABA68CA5
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20190131/zrt_lookup.html
Frame ID: 500F319ABB34ED3C57ABF078991C06CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4075694933314520&output=html&adk=1812271804&adf=3025194257&lmt=1649213125&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onmanorama.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649213125013&bpp=3&bdt=790&idt=496&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7d032cd1b34dba2-224d921c70cd002d%3AT%3D1649213124%3AS%3DALNI_MZWHG1AaOzoy6Cf4hF9eeZjPUWY2w&nras=1&correlator=6733942468133&frm=20&pv=2&ga_vid=797995697.1649213125&ga_sid=1649213125&ga_hid=786834084&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=472305527291753&pem=395&tmod=47166265&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=523
Frame ID: 5C10BAA7202AD121FB2A65DA5F2BEA7C
Requests: 1 HTTP requests in this frame

Frame: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E65125DE51F262D119F0D63F934DCA56
Requests: 19 HTTP requests in this frame

Frame: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9FF5BD60654361227615C4C50BE4CF49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbh_LEATAB&v=APEucNXhXXMyLIGvPVce7sAenYMl8JaDUhoUxivfXZq8uOtCE_uQKjRywJdnZYV2-lTc6P7H4poZHMZro8MAZFlXo_aZ33Vds9bOhmykS_-3Qygffd5zssQxADp75hrqEMbi7mGCiLLAM250hhzHqIbiLxBSl44mJLUmxsg4rgTnUogM0-EhqmU
Frame ID: 79A0BB64983CE4B0034027F289013FA9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuvTESd63czyAfA-5RY0R-fz7IkfppvzFBRnpn-WZwdY9elCbNAGvsDArJhdgz61lJAwAO_f3dklft_1-CySZgx8i_IU_diqZiAnJSraEMqqi3lYjCJzFltICWgEdC6jl-QNQp7fIfKPKSJwXQpoP2Rff0Ow&dbm_d=AKAmf-Ds5e-1Im9ybSOEOMmDU8vScHJnX4TXBlgFA9CdkZZ8aAGmpuMzIFQSqnmGcufQgpdb-KdZx7lYzR9RlhSrDdRnzRgTjDkxMqEwcUtM0OudZdKEvVrb479JEvCqlRMbQ9e9qtwGGd1pIyZZ7sefjSr3iV8qbnrYW-0x9X6_0bBVqTRZzqTMgPfcEhhCU3fCfjnp1RknkeaHZKVLaPn7K0n_KZHjad4hW4D7n0SyMzm3fwX_RwJ2q0BJDGh0vWSH7JdSindsB8hOjj6_lBpptdjd1RG0pxED2Ypu7PFfer9FrNKJrykLVGNmJ68L5UEzcp8C7CKI2xWRHnZNQxLA-3ib6FQcig2NijdOTj-zI6bVV0-dJb-tvo3sUKbiLb0z9uv1C0LJWtMrUNy4bcCvdNUj3475itjMPpsIKlRYFddfjY0AwWURx_mF83u1JardelQP2VpuY5T0b-gEVHi5yVgPkfLVojquqa7YQtCJAUUxXRYW8YJ1k10Sskz_GH11kAJap7m2nhg7aFFQjNm0LMyu2u8P6SkA1qttZ3UXIMLsbfKxNo0SvbeTqBMwF77vDNBKpLMVT-Q_7juERyuF4OEEqjAf0zHjc_f8LItjxYQEHPPk69ttwIvYc2YiNiDFEDtwWWjLFKiFwmzwdejmzYCpdwr9OS1xD_NKPww2ruFCkOMN50OBZYDZ3uQJLSPn9P5W6VuhjFJavinTZ4zifJnS4XiL1q2pidy7wG8f4-9FaV8EflzGxkdG20SJlcbNLcm1XgGpdA1n10wETqnIMyWbG4llsNeHSGw8kNpIpi0agHVJsAe9FptnY4fI-NIlWddWtYm9A_gIrU_OgNJu7zH9KdUEDdrvQLPBp45rlwhNzswYCZXAQDZ1RcLijC5Q_zQow3XlhigCeXayRZ7L-WB-QEwEZ_stIHizFmZcloEDE1l5eWzvzREnR95H9QOGuNKuXeWdLRanR5EFenM335u1bcrB6s_imhnCwuKqfnrHn3pagbLfnXES53diEfU5sXnAzHU5GDW007Zlr2nSb4vGHgp9xKnvpo4qanosp0ZqOK74wh0OLxW1WagIHnyiELByZYRWBve73cp-QCUHfOiw-JcetknCTF7N25VoHnZmQfQ42luJyu66AF4J5cglOhsERCjPiUWmy-zdKDoWwPJBJooZzIk33PeKVDrQYFFpTOikcuaFy7YL2XP-2E2H8cVA1Xwoo9o_fLulnbOdcIH12kp3hwaeYUnNdygJfOwsmL7ezval1AvmnttkT_-TnzYz90J-6CYETBVoa7Sd0G9RZWFuJN2EmS02-fTEuvOWPXaYBFSldWx9SL3beDDJW9nhM-lRgJWiUO9cljptBndy1jfZg9DOrVdZGuyHZpCTuoruSiT8LR0A1q5577dVk-HOISA1PwLFNVUqIAR3kVEtIbAd1XQxwoBi-4e77B5E9L4-ZXa2W1YJg_HnuLeMJvIPhw78ELpayPnK7jzcu7ZgwWTFiGZ4f4cOureL8bsR_uNrfbsQXOmKAr4wnpcbPKtkBtmGp1sh024E0iXweQFCrWasWuLC0N6dG2DbIJIv8H61cq0m4SVTxUo7Jl8lNBdpjwUPbSc2zTqDimga3n0yAm5WuQ86_CM7_C9w1ymlsv4GsE1AY4zRxmCJhw__OXUZgLXfQPqfYgeT4HoCwlTq1XtwwBeYHNcGBu3HoFPWtPdoaf512c_Ir8XfSd9YgGIOKi_Q40Hx2lLRrC3pXNMWBAIz7kF4S7wOoxK0wD0Ez3Pbo5LCEnP2S_m1m2Roz-F9JMYuKCbPARbETNY2tz_-hVc-kFTtaAFdXlaPxsJhGZPt6btqQvbhzLcwIZ4i2BOIXv2U6sNLqe5huV5EK3wN-n-gV0y31kd7AWZsFDg57LK6F4I6MwnxvuBwC2_u570SC-tzYvJhdC72vT3LyRE_kQWId4go9DK2OysC5BctmsNqSA46gNp4KLZhXGRe4JJ5GQLR1sTWVMcj_OP0jy4JYLaFzPtrGL2wIhkHuOgDLdCqoW5CA6n3SsdzBU8VqpTYrHpnETmrT24TOnyEzo5f_RvHRZI-xubt-SU1SSeCWNr_GJFhnQdZ88qUQVpnp3c6FvunrTAtndCzFGhaACRwrpkDsvbqDXgpuZTWRBan4P7fOCO4i9x3DUQVcriH_aAyI0_corGwLJy0HU8g36SPdqMumv1I56Mijv86ZOFPq0I2AJb2InCxgw8qKtWAM64tNRV1BIPvydek4MIX4TNVETVEde2liiwa__5TTScWCIgp76g8f9xbO4ULEPbRGaKzx9otK4_NpGjIT-kW3UXbjXlsASXkJRUE8OiuZEk1-4-f5G7SJjwgvHK_HZ6CYYRE_2A9laIBs-FMXHXGPDLktwHbz_GCgPJE8eA_HHLyQf4pNeCtmrecnWZggcV08LdSXwfK2chmEkOyI-k0LDa6WxCBqwmPghsATKwRlih78wa-7lr0SK7hW4VgMpImYgwqoeuco2FI57xDHFgA1RtNfPuGqKi5cfm6mHHSQlykMcyawko2ArqfqbpuVd7vV6EAwpVmHDzbUdt0JcfkOcpWC5P2iNDNLs-RSE9QpddMJROdyX5pIyZGEwQ1pk5tonc0XRU_wmljAXX9L8OD1PkhPVOASR-gdYVFlNeAodHCpNDkMP03Q1AKv4_nh2VXIa1S6Qj_FMDQPFPTd7xSxPUwhCUWc4BU81QV_4stPwXT-yQa4iWxkxw_wXvmZ555h8v66_bvWwHnhH-6rbDjGQcqbFLfjDnoTCPWl3onCTcVzdPkLZJVyoXVc4uqkUJnOIa3kiRulJQMjyeKAj8B88wNF4Vi3ZKkUAs0HFUE9XENxY42ydzta-wkIO8tDbrUtzGjYjGhAiblnp-L1UYLwEUZ_oSkuW-BNKIFm_4NRbErdx37IB7p_C4cy4oda39D8MyBZ0bmUHLyOuwtx3GTMT8nHh4f3Ox6PcUY7W5Evsrxbm4hQWI2TjDiWlGqEEg186NjJ3XzHp5AS7TEht3SmzC291MuMdIbf-BYePCrcC-22mNDV8wtHZgFbHyRUuo__nIBQd3CAwYCTfTJE3JhjJoJmunJMbz9DqBB3iCAKyrz6UhU-gToGVUHzI5EpXwYhqxYlV_eZg6qktDaqr0ySPq0nNvuMz1gnTBbEVsjJeV6-wLVq2QrHtC-OH1WuEsa6wS-OOgC&cid=CAASKORo_BChBrB7jWPqIvJzlHuREWY1a7EnaJaRf5evd0lby9P_hpF9VBk&rfl=2%2Chttps%253A%252F%252Fwww.onmanorama.com%252F%240
Frame ID: 59A80323C9C12E9079F5D1D6F2AFA147
Requests: 13 HTTP requests in this frame

Frame: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 50E54BFB110519B939F727D2479C7B6E
Requests: 32 HTTP requests in this frame

Frame: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FFCF7EAEE424FF130D6EC051912A3651
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/index.html
Frame ID: B0DD50C491F3067D61B7C65EEFCDF79C
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9D14620F683997C4B03ECB9F46B786F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
Frame ID: F42975A2D5B76F7B49366F57BD682FBC
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6D8B3A624749C7E5B6CE49D804EA8886
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3924DB9EAFEA60025313A72786EDD329
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Frame ID: 33431D0D6226BC3EBC2C9B5AE1A2EF89
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A4469B559A153F82F3103F0B2A49ECE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65BC51AECB6C8D7C90A3C8838E52EBDB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/
/etc\.clientlibs/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

264
Requests

90 %
HTTPS

43 %
IPv6

37
Domains

68
Subdomains

54
IPs

10
Countries

5901 kB
Transfer

10172 kB
Size

61
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.manoramaonline.com/home.html
Title: Malayalam

Search URL Search Domain Scan URL

URL: https://epaper.manoramaonline.com/MMPortalUI/
Title: E-PAPER

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.online.AndroidManorama&hl=en

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/malayala-manorama-news-app/id547933268?mt=8

Search URL Search Domain Scan URL

URL: https://www.manoramaonline.com/district-news.html
Title: Local News

Search URL Search Domain Scan URL

URL: https://www.manoramanews.com/home.html
Title: Manorama News TV

Search URL Search Domain Scan URL

URL: https://www.manoramamax.com/
Title: ManoramaMAX

Search URL Search Domain Scan URL

URL: https://www.radiomango.fm/home.html/
Title: Radio Mango

Search URL Search Domain Scan URL

URL: https://subscribe.manoramaonline.com/
Title: Subscription

Search URL Search Domain Scan URL

URL: https://twitter.com/onmanorama

Search URL Search Domain Scan URL

URL: https://www.facebook.com/onmanorama

Search URL Search Domain Scan URL

URL: https://www.instagram.com/onmanorama/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCTxP9IWeAZdZEnelNEpoc9w

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/14650370/

Search URL Search Domain Scan URL

URL: https://www.m4marry.com/
Title: M4MARRY

Search URL Search Domain Scan URL

URL: https://www.helloaddress.com/
Title: HELLO ADDRESS

Search URL Search Domain Scan URL

URL: https://www.quickerala.com/
Title: QUICK KERALA

Search URL Search Domain Scan URL

URL: https://www.qkdoc.com/
Title: QKDOC

Search URL Search Domain Scan URL

URL: https://www.manoramahorizon.com/
Title: MANORAMA HORIZON

Search URL Search Domain Scan URL

URL: https://www.manoramaonline.com/
Title: MANORAMAONLINE

Search URL Search Domain Scan URL

URL: https://www.manoramaonline.com/global-malayali.html
Title: GLOBAL MALAYALI

Search URL Search Domain Scan URL

URL: https://www.radiomango.fm/home.html
Title: RADIO MANGO

Search URL Search Domain Scan URL

URL: https://www.vanitha.in/home.html/
Title: VANITHA

Search URL Search Domain Scan URL

URL: https://www.theweek.in/home.html
Title: THE WEEK

Search URL Search Domain Scan URL

URL: https://www.manoramayearbook.in/home.html
Title: MANORAMA YEARBOOK

Search URL Search Domain Scan URL

URL: https://www.theman.in/home.html
Title: THE MAN

Search URL Search Domain Scan URL

URL: https://advt.manoramaonline.com/2020/Media-Kit/index.html
Title: Media Kit

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://sb.scorecardresearch.com/b?c1=2&c2=7947673&ns__t=1649213124902&ns_c=UTF-8&cv=3.5&c8=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertainment%20%7C%20Sports&c7=https%3A%2F%2Fwww.onmanorama.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=7947673&ns__t=1649213124902&ns_c=UTF-8&cv=3.5&c8=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertainment%20%7C%20Sports&c7=https%3A%2F%2Fwww.onmanorama.com%2F&c9=

Request Chain 120

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1649213125609_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1649213125609_1

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKmaCN7-VcAfu2pX6uYhkc&google_cver=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ykz.xZ-OEi0maSRvn-3FeQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZ3sGsBeySwMiUm7DxQNtU&google_cver=1&google_hm=2

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN3gfGKFgA2FcvXijPWPiuA&google_cver=1

Request Chain 153

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzEyNDAyNjMwMTgwNzI3Mjg3Mw%3D%3D

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 185

https://eus-api.ccgateway.net/v1/s/narratiive-syndication?puid=52ad677a-c8a6-41a1-8989-e128e4cb2a40&rdurl=https://collector.effectivemeasure.net/sync_webhook/carbon/{{ccuid}} HTTP 302
https://collector.effectivemeasure.net/sync_webhook/carbon/3e1b2584-10ec-4121-9026-124aa63dee42

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEMrgUL2ZtLhfqcEYSa-4v1A&google_cver=1

Request Chain 187

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID] HTTP 302
https://collector.effectivemeasure.net/sync_webhook/mediamath/642d624c-fec6-4500-af6a-f0dae29f47b5

Request Chain 188

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://collector.effectivemeasure.net/sync_webhook/lotame/

Request Chain 189

https://dmp.adform.net/serving/cookie/match?party=1181 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/adform/4294400440322830498

Request Chain 191

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ttd/75360393-8e64-4f14-8b75-306c2a86f8fc

Request Chain 212

https://gcdn.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/392638537BC7A1E2D4E356B522BC89FD0032D05E.6FCD9186B7CDED73B4568A3A7840EC2C9D76CADB/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/107E1F2B4D75BBD9D61470D37F1C13058464C111.34AB4699E8BB26B12AF2FB8723F16949D8FC3D2B/key/cms1/cms_redirect/yes/mh/LX/mip/2001:1b60:1010:3:1012:c6cd:a5f8:364f/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1649211183/mv/u/mvi/3/pl/29/file/file.mp4

Request Chain 228

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 234

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=2B03B67EAAB149F78225123669D0A2AC&RedC=c.clarity.ms&MXFR=3ADA1F12E72864C904F60E6CE3286A45 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=2B03B67EAAB149F78225123669D0A2AC&MUID=0EFE228B06386B6A320B33F507536A93

Request Chain 249

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pdafhomjz HTTP 302
https://3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 250

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pdafhomjz HTTP 302
https://eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net/eum/results.txt

264 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.onmanorama.com/ 389 KB
51 KB 802ms
412ms Document
text/html 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-151-200.deploy.static.akamaitechnologies.com

Software

Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /

Resource Hash

4358f21de2cdf16a8afa77e87dc5edd2cca4f60f529e08d9ef61926f6eed2431

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 06 Apr 2022 02:45:24 GMT
etag: "b980-5dbf3562e8aba"
expires: Wed, 06 Apr 2022 02:45:24 GMT
link: <https://img.onmanorama.com>;rel="preconnect",<https://css.onmanorama.com>;rel="preconnect",<https://specials.manoramaonline.com>;rel="preconnect",<https://www.googletagservices.com>;rel="preconnect",<https://js.onmanorama.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://sb.scorecardresearch.com>;rel="preconnect",<https://me-ssl.effectivemeasure.net>;rel="preconnect" <https://fonts.gstatic.com>;rel="preconnect",<https://players.brightcove.net>;rel="preconnect",<https://cdn.jsdelivr.net>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://sdk.mmonline.io>;rel="preconnect",<https://pagead2.googlesyndication.com>;rel="preconnect",<https://vjs.zencdn.net>;rel="preconnect",<https://t.effectivemeasure.net>;rel="preconnect" <https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/fonts/PanchariUN.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2>;rel="preload";as="font";type="font/woff2";crossorigin
pragma: no-cache
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
server-timing: origin; dur=120 edge; dur=34 cdn-cache; desc=REVALIDATE
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
x-akamai-transformed: 9 9834 0 pmb=mNONE,1mRUM,2
x-content-type-options: nosniff

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ 32 KB
32 KB 95ms
48ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmanorama.com/
Origin: https://www.onmanorama.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:33:29 GMT
x-content-type-options: nosniff
age: 544315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:33:29 GMT

GET
H2 200 PanchariUN.ttf
css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/fonts/ 294 KB
295 KB 416ms
21ms Font
application/x-font-ttf 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/fonts/PanchariUN.ttf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 99fa755757dfa7ead11a18cff328afacee9c2fc9b8b832fae8b94fc833a32972

Request headers

Referer: https://www.onmanorama.com/
Origin: https://www.onmanorama.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Fri, 14 Jan 2022 21:51:31 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"497e4-5d591ce4bdcc7"
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=87591867
accept-ranges: bytes
content-length: 301028
expires: Mon, 13 Jan 2025 21:49:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 63ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmanorama.com/
Origin: https://www.onmanorama.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 594726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:33:18 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v16/ 29 KB
29 KB 83ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmanorama.com/
Origin: https://www.onmanorama.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:33:29 GMT
x-content-type-options: nosniff
age: 544315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:33:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 70ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onmanorama.com/
Origin: https://www.onmanorama.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 27935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H2 200 onmclientlibs.6d81e9f8c5d80402ad9d4d95a4277d47.css
css.onmanorama.com/etc.clientlibs/onm/clientlibs/ 269 KB
32 KB 0ms
0ms Stylesheet
text/css 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.6d81e9f8c5d80402ad9d4d95a4277d47.css
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: e0124cbc82cb61c496a04a6f0894bb3c687cd9a91ce7a9a3dfb23659550fe6da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:23 GMT
content-encoding: br
x-akamai-http2-push: 1
last-modified: Mon, 14 Feb 2022 11:46:19 GMT
server: Akamai Resource Optimizer
etag: W/"433d4-5d7f8f6e98e00"
content-type: text/css
cache-control: max-age=90234016
accept-ranges: bytes
content-length: 32782
expires: Thu, 13 Feb 2025 11:45:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 74ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,700|Roboto:400,500&display=swap

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f6c5e9fde686c8143a47b26c6c48018fd331c22f52e3eeb78f0f3ccad800f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 02:45:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 02:45:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 02:45:24 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 95ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78401c570ac33d251310b020d0d089f12158b071e7923e19215aae52efaafc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28231
x-xss-protection: 0
server: sffe
etag: "1179 / 362 of 1000 / last-modified: 1649196586"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Apr 2022 02:45:24 GMT

GET
H2 200 hamburger-new-logo-latest.png
img.onmanorama.com/content/dam/mm/en/onm-newlogos/ 10 KB
10 KB 58ms
31ms Image
image/png 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/onm-newlogos/hamburger-new-logo-latest.png
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 5c23aabb5100c8cd50d801fe3a762c8c7c67683881213727772e3aabcb69e2d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Mon, 08 Feb 2021 07:11:30 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "2729-5bacde113fc40"
content-type: image/png
cache-control: max-age=58163217
accept-ranges: bytes
content-length: 10025
expires: Thu, 08 Feb 2024 07:12:21 GMT

GET
H2 200 google-play-store.png
img.onmanorama.com/content/dam/mm/en/onm-newlogos/ 12 KB
13 KB 59ms
32ms Image
image/png 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/onm-newlogos/google-play-store.png
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 8a0dfe7908d3190c80354a981d7dd9ba3346727aa6e49b162b644749778480c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Tue, 19 Jan 2021 12:11:05 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "3181-5b93fbb9a4ac1"
content-type: image/png
cache-control: max-age=56453089
accept-ranges: bytes
content-length: 12673
expires: Fri, 19 Jan 2024 12:10:13 GMT

GET
H2 200 iphoneapp-store.png
img.onmanorama.com/content/dam/mm/en/onm-newlogos/ 10 KB
10 KB 61ms
34ms Image
image/png 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/onm-newlogos/iphoneapp-store.png
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 94ee6fc838483912424d7dca265e3c92c4fe6c566849af0b802cd6e9d53cde07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Tue, 19 Jan 2021 12:20:00 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "28b8-5b93fdb813db6"
content-type: image/png
cache-control: max-age=56453779
accept-ranges: bytes
content-length: 10424
expires: Fri, 19 Jan 2024 12:21:43 GMT

GET
H2 200 onmanorama-new-logo-feb.jpg
img.onmanorama.com/content/dam/mm/en/onm-newlogos/ 35 KB
35 KB 47ms
25ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/onm-newlogos/onmanorama-new-logo-feb.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: f9caa58991422d5dd53d6b8342c745831827498d0e30b9ad7fafa4321617da38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Tue, 09 Feb 2021 06:31:59 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "8a63-5bae1718f9cab"
content-type: image/jpeg
cache-control: max-age=58247327
accept-ranges: bytes
content-length: 35427
expires: Fri, 09 Feb 2024 06:34:11 GMT

GET
H2 404 dummy-image-onmanorama-big.jpg
img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/ 0
0 147ms
124ms Image
text/html 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 dummy-image-onmanorama-square.jpg
img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/ 3 KB
3 KB 50ms
28ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-square.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: be19377a649356c14d1880e94ee1a6f257302279e7544afe275f72150cfb5ccc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Wed, 03 Mar 2021 13:54:52 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "cc4-5bca231f03195"
content-type: image/jpeg
cache-control: max-age=60174537
accept-ranges: bytes
content-length: 3268
expires: Sat, 02 Mar 2024 13:54:21 GMT

GET
H2 200 user-default.jpg
www.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/img/ 4 KB
4 KB 25ms
21ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/img/user-default.jpg

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-151-200.deploy.static.akamaitechnologies.com

Software

Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /

Resource Hash

c91c896a8a6737d45e3d609838138960e70cc82939ef132415e0296953043791

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 07:55:45 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"e7a-5d0e340bcc3b5"
content-type: image/jpeg
cache-control: public, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 3706
expires: Thu, 07 Apr 2022 02:45:24 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5265296597001/gFrVV8fiF_default/ 740 KB
202 KB 72ms
18ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5265296597001/gFrVV8fiF_default/index.min.js
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c28e9d3b131c466eef9886496227e59a5779807033c2eebbe00654065beddb4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: 70uvfWLwv_YLD2Q1ve0jqbYhU36HSuLU
Content-Encoding: gzip
ETag: "384ebe7986f27eadfbf65666c38ec7af"
x-amz-request-id: J3FK2BEKH974232R
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 205920
x-amz-id-2: vYCmVkKnfqh2Fb1SkNhvRz6UXTTjzDV2cfhWLQM1Ifl3VmIUvRqfgS1VQszdJFPZN+EQyaHMf5Y=
X-BCOV-Response-Mode: 1
X-Served-By: cache-ams21066-AMS
Last-Modified: Tue, 11 May 2021 05:48:04 GMT
Server: AmazonS3
X-Timer: S1620959056.928276,VS0,VE365
Date: Wed, 06 Apr 2022 02:45:24 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=270
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 image.jpg
img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg.transform/indls/ 3 KB
3 KB 19ms
19ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg.transform/indls/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 8cb2434436ba162aad140c82bae67bf01705a2fffd9e67ae6b926a64316abb60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Wed, 11 Aug 2021 11:50:01 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"b7f-5c94737eda0b6"
content-type: image/jpeg
cache-control: max-age=74077457
accept-ranges: bytes
content-length: 2943
expires: Sat, 10 Aug 2024 11:49:41 GMT

GET
H2 200 image.jpg
img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-portrait.jpg.transform/igl/ 5 KB
5 KB 23ms
19ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-portrait.jpg.transform/igl/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 0ed3e338f9f6a268ed1b9b1316852635c2dbe7dd0159b42f38bf47b163baa10d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Sat, 19 Jun 2021 03:22:33 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "12f2-5c515f37f1753"
content-type: image/jpeg
cache-control: max-age=69467893
accept-ranges: bytes
content-length: 4850
expires: Tue, 18 Jun 2024 03:23:37 GMT

GET
H2 200 script.js Show response
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/coronaWidget44/ 41 KB
14 KB 372ms
25ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/coronaWidget44/script.js

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8be32407f34593c10235a8179c1e6c55c640beac8d976b8cbb46b660e063826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
fastly-original-body-size: 13249
age: 42508
x-jsd-version: 2.2.18
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-hhn4036-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a405-omOaZ3Lmqu6GxvW7oRD6K2nbDmw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f772fed6da168f8-FRA

GET
H2 200 image.jpg
img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg.transform/recom/ 4 KB
4 KB 22ms
21ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg.transform/recom/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: b22696282b92bdc656353111f41451af61899162772f76d7543b67a15c89a2b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Tue, 07 Sep 2021 12:50:11 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"e04-5cb6734d45692"
content-type: image/jpeg
cache-control: max-age=76413834
accept-ranges: bytes
content-length: 3588
expires: Fri, 06 Sep 2024 12:49:18 GMT

GET
H2 200 iframe-en.css
specials.manoramaonline.com/News/2022/manorama-promotions/css/ 1 KB
728 B 4ms
0ms Stylesheet
text/css 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/css/iframe-en.css
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a81d714d101f376880cbddaf3df5f7cb2e7881ed92e318052892e1fcc4f6929b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:23 GMT
content-encoding: gzip
x-akamai-http2-push: 1
last-modified: Sat, 26 Mar 2022 06:00:59 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "3aa2e7ddd640d81:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=93689041
accept-ranges: bytes
content-length: 491
expires: Tue, 25 Mar 2025 11:29:24 GMT

GET
H2 200 subscribe-iframe.css
specials.manoramaonline.com/Common/Onmanorama_newsletter/newsletter_new/css/ 206 B
411 B 4ms
0ms Stylesheet
text/css 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://specials.manoramaonline.com/Common/Onmanorama_newsletter/newsletter_new/css/subscribe-iframe.css
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 5bd73d48f216590d273eb969c450195bc5ee173503895f0faae499bb89aeeb2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:23 GMT
content-encoding: gzip
x-akamai-http2-push: 1
last-modified: Mon, 28 Dec 2020 04:55:25 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "8c5f9ea7d5dcd61:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=54527773
accept-ranges: bytes
content-length: 174
expires: Thu, 28 Dec 2023 05:21:36 GMT

GET
H2 200 app-image.png
img.onmanorama.com/content/dam/mm/en/onm-newlogos/ 21 KB
21 KB 25ms
25ms Image
image/png 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/onm-newlogos/app-image.png
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 6631de4735d885c6607655fa524314b2b9e3d602713e64f43582f5f11693fe6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Tue, 09 Feb 2021 15:53:07 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"538c-5bae94852895b"
content-type: image/png
cache-control: max-age=58280807
accept-ranges: bytes
content-length: 21388
expires: Fri, 09 Feb 2024 15:52:11 GMT

GET
H2 200 onmclientlibs.bc7b3f98b1b39838bdd757e1421a1227.js Show response
js.onmanorama.com/etc.clientlibs/onm/clientlibs/ 229 KB
58 KB 4ms
0ms Script
application/javascript 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.bc7b3f98b1b39838bdd757e1421a1227.js
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 92958d4fdf7152d2cabf800876b0f1605a722365d95e3f7bbe381fe58e9df4b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:23 GMT
content-encoding: br
x-akamai-http2-push: 1
last-modified: Mon, 14 Feb 2022 11:16:12 GMT
server: Akamai Resource Optimizer
etag: W/"39532-5d7f88b2b9a93"
content-type: application/javascript
cache-control: max-age=90232328
accept-ranges: bytes
content-length: 58965
expires: Thu, 13 Feb 2025 11:17:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
43 KB 114ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXHGQQJ

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a4ed577ed000498594c1d2c6d4cf163550d53ddfb873690e28daccd77e421c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43523
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 00:52:29 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Apr 2022 02:45:24 GMT

GET
H2 200 J3MDQ-48JJW-ZLEFB-4N52D-G4L2D Show response
s.go-mpulse.net/boomerang/ Frame F14D 198 KB
48 KB 368ms
20ms Script
application/javascript 69.192.160.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/J3MDQ-48JJW-ZLEFB-4N52D-G4L2D
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 69.192.160.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-133.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f94c37ae74831ff0590c6340d1b4547fea4dcc82dc694c3bde98cfb25c14f0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: br
last-modified: Tue, 18 Jan 2022 07:22:50 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 48989

GET
H2 200 sprite-icon.svg
css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/img/ 48 KB
10 KB 30ms
25ms Image
image/svg+xml 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/img/sprite-icon.svg
Requested by: Host: css.onmanorama.com
URL: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.6d81e9f8c5d80402ad9d4d95a4277d47.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 03b4b2d41babe29bebdff2ec50bd0083a22f2ff7ef36f2f653acc93db764cab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.6d81e9f8c5d80402ad9d4d95a4277d47.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 05:31:05 GMT
server: Akamai Resource Optimizer
etag: W/"c025-5c7733e4a07ad"
content-type: image/svg+xml
cache-control: max-age=72067532
accept-ranges: bytes
content-length: 10034
expires: Thu, 18 Jul 2024 05:30:56 GMT

GET
H2 200 title-line.png
css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/img/ 1 KB
1 KB 34ms
29ms Image
image/png 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/img/title-line.png
Requested by: Host: css.onmanorama.com
URL: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.6d81e9f8c5d80402ad9d4d95a4277d47.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: d3fbf7efca1e4d1f4c6e7a37792d77c30392ee4fc49f347e4543032f3bc2f96c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.6d81e9f8c5d80402ad9d4d95a4277d47.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Thu, 06 Jan 2022 05:09:21 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"4b2-5d4e2df8960dc"
content-type: image/png
cache-control: max-age=86840624
accept-ranges: bytes
content-length: 1202
expires: Sun, 05 Jan 2025 05:09:08 GMT

GET
H2 200 user-default.jpg
css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/img/ 4 KB
4 KB 31ms
26ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/clientlib-all/resources/img/user-default.jpg
Requested by: Host: css.onmanorama.com
URL: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.6d81e9f8c5d80402ad9d4d95a4277d47.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: c91c896a8a6737d45e3d609838138960e70cc82939ef132415e0296953043791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://css.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.6d81e9f8c5d80402ad9d4d95a4277d47.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Sun, 20 Jun 2021 10:51:44 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"e7a-5c53057bf6815"
content-type: image/jpeg
cache-control: max-age=69581188
accept-ranges: bytes
content-length: 3706
expires: Wed, 19 Jun 2024 10:51:52 GMT

GET
H2 200 pubads_impl_2022033101.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
125 KB 91ms
17ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

a58d46d853c21c8e11eb057aba26dbeeb32041b51a61d4e2c3adc86c09c08704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 19:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127477
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 08:37:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Apr 2023 19:01:10 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 285 B
776 B 98ms
26ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.onmanorama.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

3a913e19e238dc4a47843f2752097b1e4cbbc69056e303aedf7159556ce6ec06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
expires: Wed, 06 Apr 2022 02:45:24 GMT

OPTIONS
H2 200 6302953496001
edge.api.brightcove.com/playback/v1/accounts/5265296597001/videos/ Frame 0
0 75ms
17ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5265296597001/videos/6302953496001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.onmanorama.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
bcov-debug-cache-stats: unknown
bcov-instance: unknown
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Wed, 06 Apr 2022 02:45:24 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-amz-cf-id: unknown
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4034-HHN
x-timer: S1649213125.669000,VS0,VE0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 70ms
21ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5265296597001/gFrVV8fiF_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-hhn4080-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 26736

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.onmanorama.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 6302953496001 Show response
edge.api.brightcove.com/playback/v1/accounts/5265296597001/videos/ 3 KB
3 KB 19ms
19ms XHR
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5265296597001/videos/6302953496001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5265296597001/gFrVV8fiF_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 10cecf6b41a6d0a2c1fb8280c83c3a8858b1c503b749cd793d332b3c152f2da5

Request headers

Accept: application/json;pk=BCpkADawqM0cO1Z5qV02RZMhEKrjZ1nrUGdecUyjCEM7SKbQs2RRriHLjXEXDQOWErSGASuNg-kZUSEP6qhzTFeB_WnLWe9LZ9YPJnTcSzAaDC3bNtGRd-KY1VNfgwRwi4udsgBhLKmvsf42
Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

bc-override-client-ip: 94.177.226.106
date: Wed, 06 Apr 2022 02:45:24 GMT
powered-from: eu-central-1a
bcov-request-id: 69230ac9-4262-4dd4-92c9-6bcf034c28a8
age: 2660
policy-key-accountid: 5265296597001
x-cache: HIT
access-control-allow-origin: *
powered-by: BC
content-length: 3201
x-served-by: cache-hhn4034-HHN
bcov-instance: unknown
policy-key-raw: BCpkADawqM0cO1Z5qV02RZMhEKrjZ1nrUGdecUyjCEM7SKbQs2RRriHLjXEXDQOWErSGASuNg-kZUSEP6qhzTFeB_WnLWe9LZ9YPJnTcSzAaDC3bNtGRd-KY1VNfgwRwi4udsgBhLKmvsf42
x-timer: S1649213125.687261,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 1

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 76ms
31ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Wed, 06 Apr 2022 02:45:24 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 76ms
31ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Wed, 06 Apr 2022 02:45:24 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
BLOB 206
Partial Content 3dea9005-8c23-4842-a658-7ca275e634b8
https://www.onmanorama.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onmanorama.com/3dea9005-8c23-4842-a658-7ca275e634b8
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 9d75199b-1bd9-4767-a767-8232fd7a8c06
https://www.onmanorama.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onmanorama.com/9d75199b-1bd9-4767-a767-8232fd7a8c06
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content e664577a-4f4a-4a34-8a7a-865873b67201
https://www.onmanorama.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onmanorama.com/e664577a-4f4a-4a34-8a7a-865873b67201
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 50a5050a-39dc-4694-b1cb-471e6723301e
https://www.onmanorama.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onmanorama.com/50a5050a-39dc-4694-b1cb-471e6723301e
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 200
OK 739c7947-9327-46c9-903a-dd1f7bad30b9
https://www.onmanorama.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onmanorama.com/739c7947-9327-46c9-903a-dd1f7bad30b9
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 404 dummy-image-onmanorama-big.jpg
img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/ 0
0 27ms
26ms Image
text/html 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 44ms
32ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=261a9157752afac393df7b81&account=5265296597001&destination=https%3A%2F%2Fwww.onmanorama.com%2F&platform_version=6.42.5&player=players.brightcove.com%2F5265296597001%2FgFrVV8fiF_default&player_name=MMOnline-Podcast-Player&source=&usage=qualityMenu&usage=inpage-embed&event=player_load&time=1649213124634&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=10000000&qos.performance.memory.totalJSHeapSize=10000000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=0&qos.performance.timing.domContentLoadedEventStart=0&qos.performance.timing.domInteractive=0&qos.performance.timing.domLoading=1649213124223&qos.performance.timing.responseEnd=1649213124227&qos.performance.timing.responseStart=1649213124219&qos.performance.timing.requestStart=1649213123807&qos.performance.timing.secureConnectionStart=1649213123770&qos.performance.timing.connectEnd=1649213123807&qos.performance.timing.connectStart=1649213123753&qos.performance.timing.domainLookupEnd=1649213123452&qos.performance.timing.domainLookupStart=1649213123418&qos.performance.timing.fetchStart=1649213123417&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1649213123417&qos.player.dimensions=%5B%5B1649213124634%2C%220x0%22%2C%22278x40%22%5D%5D&qos.player.pixelratio=%5B%5B1649213124634%2C1%5D%5D&qos.player.screendimensions=%5B%5B1649213124634%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Wed, 06 Apr 2022 02:45:24 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXHGQQJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4234
date: Wed, 06 Apr 2022 01:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Apr 2022 03:34:50 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 73ms
17ms Script
application/javascript 99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 03:13:46 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 84699
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Qw4IVsgJfoVSETMDnOTxOpCtyhS-PlTwNVXlZKxPW6AL5d7H33kXfg==

GET
H2 200 em.js Show response
me-ssl.effectivemeasure.net/ 378 B
755 B 95ms
17ms Script
application/javascript 2600:9000:2057:2a00:b:3c99:a880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://me-ssl.effectivemeasure.net/em.js
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2a00:b:3c99:a880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b646e7ffbc66071e42f1027eadcc593772e9728738516f4bb79d1b3c9c137eb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: t7PdnOqmxGUTf0a_jPpkk1ZsC1D98ALI
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 567307
etag: "4101041d9fe2bb2666de1f78999a027a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
date: Wed, 30 Mar 2022 13:10:18 GMT
x-amz-cf-pop: FRA6-C1
content-length: 378
x-amz-cf-id: 9BR2Db2egCwZtfxhsCZYJNP94SJiR1HwT5c_VLsuKow9cayY9JSEUw==

GET
H2 200 lens-publisher.1.1-latest.js Show response
sdk.mmonline.io/js/ 41 KB
11 KB 103ms
19ms Script
application/javascript 2600:9000:214f:8c00:12:c2b1:eac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mmonline.io/js/lens-publisher.1.1-latest.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXHGQQJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:12:c2b1:eac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec598a6e3250ef19badae52c675552aa189aad6113063242b6f7ab5d2df9de5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 01:33:10 GMT
content-encoding: gzip
last-modified: Thu, 22 Apr 2021 06:00:39 GMT
server: AmazonS3
age: 4349
etag: W/"7d5fe53b4a2e667122ad326888daa5f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: tHs1NzOtBlqbzT3RnckT_dBF47fLICii8uPZIaALutOKXIiy8K29HQ==

GET
H2 200 586bqo1bji Show response
www.clarity.ms/tag/ 712 B
1 KB 189ms
123ms Script
application/x-javascript 2620:1ec:27::cafe:1761
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/586bqo1bji
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 093b1eb6ec6affdd95ee6ede828bf348ad06f65fe2de408842807f8e5ec0b184

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
x-powered-by: ASP.NET
x-azure-ref: 0xP5MYgAAAADyTzHzQ1R+Q535L2DGjjIgR1ZBMzBFREdFMDIxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
content-length: 712
expires: -1

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 97ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4075694933314520

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXHGQQJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

804443bd7d907858eea7bd884e5b3934049be1a738ca275fe3e51165d93ffa26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54090
x-xss-protection: 0
server: cafe
etag: 1097001508523650290
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 02:45:24 GMT

GET
H2 404 dummy-image-onmanorama-big.jpg
img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/ 0
0 30ms
25ms Image
text/html 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 71ms
27ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmanorama.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
26ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmanorama.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 32ms
31ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Wed, 06 Apr 2022 02:45:24 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 427 B
267 B 81ms
56ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=472305527291753&correlator=1840371430515022&eid=31066949%2C44752585&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fif&iu_parts=123148010%2CONM_Home_Page_HIF_PAGE_PUSHER_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3898430482&sfv=1-0-38&ecs=20220406&fsapi=false&cust_params=Content_Category%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1649213124752&lmt=1649213124&dlt=1649213124223&idt=457&biw=1600&bih=1200&adxs=0&adys=273&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.onmanorama.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=797995697.1649213125&ga_sid=1649213125&ga_hid=786834084&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

21eb780ffb68fee985e2b059a442307dafdcc9f80f26dd60c575c7922f4b2956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onmanorama.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9EC1 6 KB
4 KB 103ms
28ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 02:45:24 GMT
expires: Thu, 06 Apr 2023 02:45:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
22 KB 906ms
890ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=472305527291753&correlator=1840371430515022&eid=31066949%2C44752585&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fif&iu_parts=123148010%2CONM_Home_Page_Rectangle1_ATF_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250&ifi=2&adks=3287633569&sfv=1-0-38&fsfs=1&ecs=20220406&fsapi=false&cust_params=Content_Category%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1649213124763&lmt=1649213124&dlt=1649213124223&idt=457&biw=1600&bih=1200&adxs=819&adys=636&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.onmanorama.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=797995697.1649213125&ga_sid=1649213125&ga_hid=786834084&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

bbb04106d9fdc3f872c94b729acb91b487e2653cbbbfc6722c6424bc9dbfd5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22184
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onmanorama.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 441ms
426ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=472305527291753&correlator=1840371430515022&eid=31066949%2C44752585&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fif&iu_parts=123148010%2CONM_Home_Page_DESK_Leaderboard_BTF_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x90%7C970x180%7C970x250&ifi=3&adks=2243070382&sfv=1-0-38&fsfs=1&ecs=20220406&fsapi=false&cust_params=Content_Category%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1649213124766&lmt=1649213124&dlt=1649213124223&idt=457&biw=1600&bih=1200&adxs=315&adys=1131&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.onmanorama.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x90&msz=970x0&fws=0&ohw=0&ga_vid=797995697.1649213125&ga_sid=1649213125&ga_hid=786834084&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

4b0351bd5de7fd459b8d8e4468e1a37910f5b02c7e329bed3ee83ecef26550a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8475
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onmanorama.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
11 KB 614ms
602ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=472305527291753&correlator=1840371430515022&eid=31066949%2C44752585&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fif&iu_parts=123148010%2CONM_Home_Page_DESK_Leaderboard_ATF_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x90%7C970x180%7C970x250&ifi=4&adks=1569053239&sfv=1-0-38&fsfs=1&ecs=20220406&fsapi=false&cust_params=Content_Category%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1649213124769&lmt=1649213124&dlt=1649213124223&idt=457&biw=1600&bih=1200&adxs=315&adys=10&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.onmanorama.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x90&msz=970x0&fws=0&ohw=0&ga_vid=797995697.1649213125&ga_sid=1649213125&ga_hid=786834084&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

54de43742bb006a9ec08807cf104da5f5f8c3d4ffaeb04f211dc9e8668b59beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onmanorama.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 dummy-image-onmanorama-big.jpg
img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/ 0
0 21ms
21ms Image
text/html 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H/1.1 404
Not Found image.jpg
cf-images.ap-southeast-1.prod.boltdns.net/v1/jit/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/main/1280x720/2m54s521ms/match/ 0
0 596ms
514ms Image
text/plain 18.66.245.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.ap-southeast-1.prod.boltdns.net/v1/jit/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/main/1280x720/2m54s521ms/match/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.245.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-245-194.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 index-en.html Show response
specials.manoramaonline.com/News/2022/manorama-promotions/ Frame A61C 7 KB
1 KB 49ms
20ms Document
text/html 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e4b0af7713631cc450dff40c46f1b5ba919122c2f165aace098fa928adf90ddf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-encoding: gzip
content-length: 1189
content-type: text/html
date: Wed, 06 Apr 2022 02:45:24 GMT
etag: "522dd666e440d81:0"
expires: Wed, 06 Apr 2022 02:45:24 GMT
last-modified: Sat, 26 Mar 2022 07:37:52 GMT
pragma: no-cache
server: Microsoft-IIS/7.5
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/10s/ 2 KB
3 KB 26ms
18ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/10s/master.m3u8?fastly_token=NjI3MWUzN2JfNGY3YmQ0NWYyOTEwNjA2MTMyZmRhMGEwMzkxYTM3YmUxN2I4NDIyNWZmZTgxNDQ5OWUzZDcwY2NkNTE3NzMzNw%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5265296597001/gFrVV8fiF_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: f9f91f0bd1379073d0ea4fc35a30d802e6cdd9325221649fbca52cb26a3da1f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
via: 1.1 varnish
age: 46277
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 2361
x-served-by: cache-hhn4034-HHN
x-device-group: desktop-chrome
x-timer: S1649213125.823919,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=7947673&ns__t=1649213124902&ns_c=UTF-8&cv=3.5&c8=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertai...
https://sb.scorecardresearch.com/b2?c1=2&c2=7947673&ns__t=1649213124902&ns_c=UTF-8&cv=3.5&c8=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Enterta...

0
189 B

18ms
18ms

Image
text/plain

99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=7947673&ns__t=1649213124902&ns_c=UTF-8&cv=3.5&c8=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertainment%20%7C%20Sports&c7=https%3A%2F%2Fwww.onmanorama.com%2F&c9=
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: HH-rn_d4d6Pr9_qqYi96GDGFaya8x4T5LxEnSlNWjs8kOTE8Kz3vlg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=7947673&ns__t=1649213124902&ns_c=UTF-8&cv=3.5&c8=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertainment%20%7C%20Sports&c7=https%3A%2F%2Fwww.onmanorama.com%2F&c9=
date: Wed, 06 Apr 2022 02:45:24 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: rMbo1er_RDHJ3rq85e0UF3WUfBkHr-N2tZpQuQGdS4CkVatV21odBg==
x-cache: Miss from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 84ms
33ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-208232-49&cid=797995697.1649213125&jid=138108919&gjid=478663586&_gid=1163714855.1649213125&_u=YChAgEABAAAAAE~&z=546995304

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Apr 2022 02:45:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.onmanorama.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 80ms
33ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-208232-19&cid=797995697.1649213125&jid=1699443522&gjid=1494027953&_gid=1163714855.1649213125&_u=YCjAgEABAAAAAE~&z=1728963510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Apr 2022 02:45:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.onmanorama.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
25ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=786834084&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmanorama.com%2F&ul=en-us&de=UTF-8&dt=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertainment%20%7C%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgEAB~&jid=138108919&gjid=478663586&cid=797995697.1649213125&tid=UA-208232-49&_gid=1163714855.1649213125&gtm=2wg3u0NXHGQQJ&z=131507195

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 06:56:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71351
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
24ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=786834084&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmanorama.com%2F&ul=en-us&de=UTF-8&dt=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertainment%20%7C%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAgEABAAAAAE~&jid=1699443522&gjid=1494027953&cid=797995697.1649213125&tid=UA-208232-19&_gid=1163714855.1649213125&gtm=2wg3u0NXHGQQJ&z=2010037303

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 06:56:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71351
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 1f0676e4-32ed-49d9-b78f-859bb9009b47
https://www.onmanorama.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onmanorama.com/1f0676e4-32ed-49d9-b78f-859bb9009b47
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6cf001d2139c7b8e8ad3b28f6aee37fe46c9fa0ceed880a75a73f9c6cf52125

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 5922
Content-Type: application/javascript

GET
H2 200 tag.js Show response
t.effectivemeasure.net/ 22 KB
7 KB 74ms
24ms Script
application/javascript 99.86.4.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1649
Requested by: Host: me-ssl.effectivemeasure.net
URL: https://me-ssl.effectivemeasure.net/em.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-66.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: O3a7WZEATOQUEXh0NtsTxnF269jGh9BQ
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 350787
etag: W/"93cb9d1cb96864d82a396bd64bd41630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
date: Sat, 02 Apr 2022 01:18:58 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: f3latuWyLSEp_RDGgFCLRqvSD4QVpORf4s_uCjq_9N0kABzuW4tN3w==

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/298f3e2b-48b7-4495-b4c3-151fdef4c581/10s/ 6 KB
6 KB 23ms
23ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/298f3e2b-48b7-4495-b4c3-151fdef4c581/10s/rendition.m3u8?fastly_token=NjI3MTM5MWFfMGVkOWViNjQyNjE2MWM0ZmM5Y2FkMDFjODU1ODExNjRhMTY0MmQzZGRmOTYwMzdjMzFlNDA2OGU1MjIzN2Q3NQ%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5265296597001/gFrVV8fiF_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: e7b6e94dbad36e208ae7518b23ebbbd7267cdb3bee8835925c2383188efbb940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
via: 1.1 varnish
age: 46277
x-powered-by: BC
x-cache: HIT
content-length: 6299
x-served-by: cache-hhn4034-HHN
x-device-group: desktop-chrome
x-timer: S1649213125.973133,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 301 KB
108 KB 72ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4075694933314520&plah=www.onmanorama.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4075694933314520

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f73599767f48bb5d1aa2d9f1dfa0b0690b848eddd48c250ac217a7150b69d246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110326
x-xss-protection: 0
server: cafe
etag: 10141321661694479077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220404/r20190131/ Frame 500F 10 KB
5 KB 64ms
18ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220404/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4075694933314520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 11661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 23:31:04 GMT
etag: 14837630671339829333
expires: Tue, 19 Apr 2022 23:31:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 style.css
specials.manoramaonline.com/News/2022/manorama-promotions/css/ Frame A61C 5 KB
1 KB 21ms
19ms Stylesheet
text/css 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/css/style.css
Requested by: Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 9e984ab04afc6cabd0a08f84049cfc76d5d3ef4c2d350c9619b06a3c56eff114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 03:05:35 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "c6ab6dfab39d81:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=92885173
accept-ranges: bytes
content-length: 1167
expires: Sun, 16 Mar 2025 04:11:38 GMT

GET
H2 200 reset.css
specials.manoramaonline.com/News/2022/manorama-promotions/css/ Frame A61C 1 KB
813 B 23ms
21ms Stylesheet
text/css 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/css/reset.css
Requested by: Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a9977c82892e41b13063ffb178061f53e6d39ce28a353991eb9f36e37870ffea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 03:05:35 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "ee91dfab39d81:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=92885256
accept-ranges: bytes
content-length: 595
expires: Sun, 16 Mar 2025 04:13:01 GMT

GET
H2 200 mmfonts.css
specials.manoramaonline.com/News/2022/manorama-promotions/css/ Frame A61C 1 KB
541 B 25ms
23ms Stylesheet
text/css 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/css/mmfonts.css
Requested by: Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 7ef475f0556172048ab3562cc18319104379ccec799966f9f68eaf87c911549e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 03:05:34 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "e9269deab39d81:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=92885175
accept-ranges: bytes
content-length: 323
expires: Sun, 16 Mar 2025 04:11:40 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame A61C 13 KB
847 B 60ms
28ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Requested by

Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 02:24:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 02:45:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame A61C 3 KB
522 B 59ms
27ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Serif:wght@400;700&display=swap

Requested by

Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

655b4356965434ba7ebd9e28b32017cf3c39c1a0372edef98cba76c6064de2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 02:45:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 02:45:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H2 200 sudoku.jpg
specials.manoramaonline.com/News/2022/manorama-promotions/img/ Frame A61C 32 KB
32 KB 28ms
22ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/img/sudoku.jpg
Requested by: Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: ef2e649ba794266856e49838016e15e2238709d8515dacf79ca3fc35bfd83873

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Thu, 24 Mar 2022 03:24:29 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "fa9e37ac2e3fd81:0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=93487221
accept-ranges: bytes
content-length: 32343
expires: Sun, 23 Mar 2025 03:25:46 GMT

GET
H2 200 2048-game.jpg
specials.manoramaonline.com/News/2022/manorama-promotions/img/ Frame A61C 18 KB
18 KB 31ms
25ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/img/2048-game.jpg
Requested by: Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 33570ec4448d75ab435b4d5a3541e04d61bd632c9bc5199177fa8e75b832c026

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Thu, 17 Mar 2022 03:06:05 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "ee25eff0ab39d81:0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=92885368
accept-ranges: bytes
content-length: 18521
expires: Sun, 16 Mar 2025 04:14:53 GMT

GET
H2 200 time-out.jpg
specials.manoramaonline.com/News/2022/manorama-promotions/img/ Frame A61C 14 KB
15 KB 34ms
28ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/img/time-out.jpg
Requested by: Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 731111c2c71c9ffc05b194e8c718b95794e74ae40a14d66d5111df2741f50dbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Thu, 17 Mar 2022 03:06:07 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "2e1592f2ab39d81:0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=92885251
accept-ranges: bytes
content-length: 14690
expires: Sun, 16 Mar 2025 04:12:56 GMT

GET
H2 200 app-icon.jpg
specials.manoramaonline.com/News/2022/manorama-promotions/img/ Frame A61C 7 KB
7 KB 32ms
29ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/img/app-icon.jpg
Requested by: Host: specials.manoramaonline.com
URL: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: ddb198ead84de7846f3507e630b006161baa06c6df002726524658ea7f794722

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://specials.manoramaonline.com/News/2022/manorama-promotions/index-en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Thu, 17 Mar 2022 03:06:05 GMT
server: Microsoft-IIS/7.5
x-powered-by: ASP.NET
etag: "5eabf8f0ab39d81:0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=92885286
accept-ranges: bytes
content-length: 6760
expires: Sun, 16 Mar 2025 04:13:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
37 KB 57ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-159929110-29

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

946a9430425202187259e5f956d56b7b3744547dadaf91049733d8aee33767d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38068
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 00:52:29 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 32ms
32ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

5cab1a7dec602bb81ebd24664ecd0b0d3e2ca0940ba5324b7a191dfc079610ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28230
x-xss-protection: 0
server: sffe
etag: "1179 / 82 of 1000 / last-modified: 1649196481"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H/1.1 200
OK get_stat Show response
covidapi.unibots.in/ 11 KB
11 KB 1190ms
221ms XHR
application/json 172.105.43.230
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://covidapi.unibots.in/get_stat
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.105.43.230 Mumbai, India, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 172-105-43-230.ip.linodeusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 500be6ac2812be9972e4a0eabec68c32a6ef50bd0fee142c765d5044bf37c4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Auth-Token
Content-Length: 10954

GET
H2 200 close.svg
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/ 858 B
577 B 322ms
21ms Image
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/close.svg

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65bfdfbd6f9981b2d865248447081e391197fe739e7f7fbcb9d860f3de083a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14881
x-jsd-version: 2.2.18
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19173-FRA, cache-hhn4075-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"35a-LaVdc+hD0ZCqExvtq0FTdWPXKRU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f772ff1785f68f8-FRA

GET
H2 200 manorama_new.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/coronaWidget44/ 36 KB
36 KB 325ms
24ms Image
image/png 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/coronaWidget44/manorama_new.png

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d51a72b99b6605914dbe809a87b149f65a457ff585e52c6f6cf2a30ae359765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23928
x-jsd-version: 2.2.18
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36827
x-served-by: cache-fra19123-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"8fdb-oI0HywavnkeBKEzyLORCULCdh4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6f772ff1c8a068f8-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 55ms
28ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmanorama.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
27ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmanorama.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 79ms
32ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-208232-49&cid=797995697.1649213125&jid=138108919&_u=YChAgEABAAAAAE~&z=1693434289

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 76ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-208232-49&cid=797995697.1649213125&jid=138108919&_u=YChAgEABAAAAAE~&z=1693434289

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 78ms
31ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-208232-19&cid=797995697.1649213125&jid=1699443522&_u=YCjAgEABAAAAAE~&z=957486350

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-208232-19&cid=797995697.1649213125&jid=1699443522&_u=YCjAgEABAAAAAE~&z=957486350

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
i.clarity.ms/s/0.6.34/ 53 KB
23 KB 350ms
107ms Script
application/javascript 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/586bqo1bji
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:24 GMT
content-encoding: br
etag: "1d83fcbec22f254"
last-modified: Thu, 24 Mar 2022 22:10:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 704ms
704ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=472305527291753&correlator=1840371430515022&eid=31066949%2C44752585&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fif&iu_parts=123148010%2CMO_HOME_PAGE_FLOATING_WIDGET_320x50&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=6&adks=4175618108&sfv=1-0-38&fsfs=1&ecs=20220406&fsapi=false&prev_scp=refresh%3Dtrue&cust_params=Content_Category%3Dfalse&sc=1&cookie=ID%3D4a640b3fb1486842%3AT%3D1649213124%3AS%3DALNI_MZNfctROEGyMAk8iElJSRODivPxfw&abxe=1&dt=1649213125252&lmt=1649213125&dlt=1649213124223&idt=457&biw=1600&bih=1200&adxs=1277&adys=1147&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.onmanorama.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=320x-1&msz=320x-1&fws=512&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=797995697.1649213125&ga_sid=1649213125&ga_hid=786834084&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

27032b188b657b7c1da2e2d8d99c423e174dc3a0db079726cb1c8ae942c58446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12211
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onmanorama.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A61C 16 KB
16 KB 46ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://specials.manoramaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 594727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:33:18 GMT

GET
H3 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ Frame A61C 32 KB
32 KB 52ms
26ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://specials.manoramaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:33:29 GMT
x-content-type-options: nosniff
age: 544316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:33:29 GMT

GET
H2 200 currentdate.json Show response
www.onmanorama.com/mm/date/ 46 B
343 B 28ms
28ms XHR
application/json 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmanorama.com/mm/date/currentdate.json?format=json

Requested by

Host: js.onmanorama.com
URL: https://js.onmanorama.com/etc.clientlibs/onm/clientlibs/onmclientlibs.bc7b3f98b1b39838bdd757e1421a1227.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-151-200.deploy.static.akamaitechnologies.com

Software

Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /

Resource Hash

f2427c9ba5368fa4734c4d6a170da7f9473be7ef68103c9ab010187a9e9468f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.onmanorama.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: max-age=45
server-timing: cdn-cache; desc=HIT, edge; dur=5
vary: Accept-Encoding
content-length: 66
expires: Wed, 06 Apr 2022 02:46:10 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/kerala/top-news/images/2021/6/14/petrol-diesel-price.jpg.transform/bigstory/ 28 KB
28 KB 171ms
168ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/kerala/top-news/images/2021/6/14/petrol-diesel-price.jpg.transform/bigstory/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: ea8eb488e642016f16b68948dd1bb4e7a1fb5b0a1d57c97dbc90ae2960a24be6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Wed, 06 Apr 2022 02:44:17 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "6e58-5dbf3566d0ac0"
content-type: image/jpeg
cache-control: max-age=94608000
accept-ranges: bytes
content-length: 28248
expires: Sat, 05 Apr 2025 02:45:25 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/news/india/images/2022/4/5/sonia-gandhi-new-sq.jpg.transform/onm-topstories/ 5 KB
5 KB 30ms
24ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/news/india/images/2022/4/5/sonia-gandhi-new-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 9594905483e03ae4c7e27dc08dd0685703b10b4c164ff070444132238f42bf52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Tue, 05 Apr 2022 16:15:37 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"1503-5dbea8e2b968f"
content-type: image/jpeg
cache-control: max-age=94570190
accept-ranges: bytes
content-length: 5379
expires: Fri, 04 Apr 2025 16:15:15 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/news/india/images/2022/4/5/meat-shop-sq.jpg.transform/onm-topstories/ 9 KB
9 KB 32ms
27ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/news/india/images/2022/4/5/meat-shop-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 0f82338dde127b42749cb3eab7b39e3b61dcc66a798d618332f5f2817f269a3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Tue, 05 Apr 2022 16:30:04 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "2504-5dbeac1d18e1e"
content-type: image/jpeg
cache-control: max-age=94571361
accept-ranges: bytes
content-length: 9476
expires: Fri, 04 Apr 2025 16:34:46 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/news/world/images/2022/4/5/gotabaya-rajapaksha-sri-lanka-sq.jpg.transform/onm-topstories/ 7 KB
8 KB 35ms
31ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/news/world/images/2022/4/5/gotabaya-rajapaksha-sri-lanka-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 3de46690a53da44b62719dc5620a8c3d82520671178c098239e19f3af37f7d44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Tue, 05 Apr 2022 05:21:03 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "1dd8-5dbe1694738b1"
content-type: image/jpeg
cache-control: max-age=94531508
accept-ranges: bytes
content-length: 7640
expires: Fri, 04 Apr 2025 05:30:33 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/news/india/images/2021/11/17/rain-sq.jpg.transform/onm-topstories/ 9 KB
9 KB 42ms
37ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/news/india/images/2021/11/17/rain-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 5b2a3a5ab2aec37e4c9d9d1836de23cd416e9948f266bc31d3a88c15b26a6dc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Tue, 05 Apr 2022 17:08:16 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"2363-5dbeb4a708553"
content-type: image/jpeg
cache-control: max-age=94573459
accept-ranges: bytes
content-length: 9059
expires: Fri, 04 Apr 2025 17:09:44 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/sports/football/images/2022/4/5/gokulam-win-sq.jpg.transform/onm-topstories/ 7 KB
7 KB 42ms
38ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/sports/football/images/2022/4/5/gokulam-win-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 5a056e56520161876f187115e5234859350363fd20033d33ebf1eaf827fe4636

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Tue, 05 Apr 2022 16:15:47 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"1b3f-5dbea8ebc054a"
content-type: image/jpeg
cache-control: max-age=94570185
accept-ranges: bytes
content-length: 6975
expires: Fri, 04 Apr 2025 16:15:10 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/travel/travel-news/images/2022/4/5/thrissur-pooram-sq.jpg.transform/onm-topstories/ 13 KB
13 KB 28ms
28ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/travel/travel-news/images/2022/4/5/thrissur-pooram-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 560a40e7d510e1c6e910025e824dcbc26b50bb33e18bced61f8b75a7305d0ced

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Tue, 05 Apr 2022 05:56:04 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "32a9-5dbe1e677ded3"
content-type: image/jpeg
cache-control: max-age=94532973
accept-ranges: bytes
content-length: 12969
expires: Fri, 04 Apr 2025 05:54:58 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/sports/cricket/images/2022/3/29/fanoos-wickets-sq.jpg.transform/onm-topstories/ 9 KB
9 KB 25ms
25ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/sports/cricket/images/2022/3/29/fanoos-wickets-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 826a65925773a0d431729003295741489dc144c0b62a268d207e2f30c687da35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Tue, 29 Mar 2022 14:30:57 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"22de-5db5c46f49700"
content-type: image/jpeg
cache-control: max-age=93959053
accept-ranges: bytes
content-length: 8926
expires: Fri, 28 Mar 2025 14:29:38 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/news/india/images/2022/1/24/dileep-crime-branch-day1-sq.jpg.transform/onm-topstories/ 8 KB
8 KB 27ms
26ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/news/india/images/2022/1/24/dileep-crime-branch-day1-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 5b2d653c19a9529ee7e4e3784bd6509132d999be839ff88b15d48b20662d6bd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Tue, 05 Apr 2022 06:48:20 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"1ea2-5dbe2a16daee1"
content-type: image/jpeg
cache-control: max-age=94536185
accept-ranges: bytes
content-length: 7842
expires: Fri, 04 Apr 2025 06:48:30 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/food/features/images/2022/4/5/dubai-kerala-snack-shop-sq.jpg.transform/onm-topstories/ 11 KB
11 KB 61ms
60ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/food/features/images/2022/4/5/dubai-kerala-snack-shop-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: ab91548572d24a701043ca5ec080f9455907773dd8ce61dad598912479fa062c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Wed, 06 Apr 2022 00:41:17 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: "2a42-5dbf19e8f6b4f"
content-type: image/jpeg
cache-control: max-age=94600923
accept-ranges: bytes
content-length: 10818
expires: Sat, 05 Apr 2025 00:47:28 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/travel/travel-news/images/2022/4/5/oyster-marris-homestay-sq.jpg.transform/onm-topstories/ 8 KB
8 KB 167ms
166ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/travel/travel-news/images/2022/4/5/oyster-marris-homestay-sq.jpg.transform/onm-topstories/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 052647ea19cba771f30b83cf1e89b2154c9599d99436e7c6339a8c6428a10bca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Wed, 06 Apr 2022 02:45:25 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"1e7a-5dbf35a82debe"
content-type: image/jpeg
cache-control: max-age=94608000
accept-ranges: bytes
content-length: 7802
expires: Sat, 05 Apr 2025 02:45:25 GMT

GET
H2 200 image.jpg
img.onmanorama.com/content/dam/mm/en/editor/ajg.jpg.transform/auimg/ 3 KB
3 KB 22ms
21ms Image
image/jpeg 96.16.151.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onmanorama.com/content/dam/mm/en/editor/ajg.jpg.transform/auimg/image.jpg
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.151.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-151-200.deploy.static.akamaitechnologies.com
Software: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23 /
Resource Hash: 50de4325533a97fe3d92cd48a84aaf197e9d861b0c18d1e27ccbaadd41d60f88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
last-modified: Sat, 05 Feb 2022 16:30:16 GMT
server: Apache/2.4.23 (Unix) Communique/4.2.1 PHP/7.3.23
etag: W/"c3d-5d747e1e78257"
content-type: image/jpeg
cache-control: max-age=89473490
accept-ranges: bytes
content-length: 3133
expires: Tue, 04 Feb 2025 16:30:15 GMT

GET
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 38ms
37ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Wed, 06 Apr 2022 02:45:25 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/298f3e2b-48b7-4495-b4c3-151fdef4c581/10s/ 6 KB
6 KB 18ms
17ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/298f3e2b-48b7-4495-b4c3-151fdef4c581/10s/rendition.m3u8?fastly_token=NjI3MTM5MWFfMGVkOWViNjQyNjE2MWM0ZmM5Y2FkMDFjODU1ODExNjRhMTY0MmQzZGRmOTYwMzdjMzFlNDA2OGU1MjIzN2Q3NQ%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5265296597001/gFrVV8fiF_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: e7b6e94dbad36e208ae7518b23ebbbd7267cdb3bee8835925c2383188efbb940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
via: 1.1 varnish
age: 46277
x-powered-by: BC
x-cache: HIT
content-length: 6299
x-served-by: cache-hhn4034-HHN
x-device-group: desktop-chrome
x-timer: S1649213125.456045,VS0,VE0
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 2

GET
BLOB 200
OK 76707b72-679c-4b4d-b1b1-9ae0e592f335
https://www.onmanorama.com/ 57 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onmanorama.com/76707b72-679c-4b4d-b1b1-9ae0e592f335
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a57b2a8ac51ab8a039ed15dbe7e55ae70665f52a22e4bbf8e755257ad8d37ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 58236
Content-Type: application/javascript

GET
H/1.1 200
OK segment0.ts Show response
bcboltmmcltd-a.akamaihd.net/media/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/298f3e2b-48b7-4495-b4c3-151fdef4c581/5x/ 221 KB
222 KB 256ms
112ms XHR
video/mp2t 88.221.111.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcboltmmcltd-a.akamaihd.net/media/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/298f3e2b-48b7-4495-b4c3-151fdef4c581/5x/segment0.ts
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5265296597001/gFrVV8fiF_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.221.111.24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-111-24.deploy.static.akamaitechnologies.com
Software: / BC
Resource Hash: ad94613a9aa9feae3598a289d5a8772bb0da5ecca60d231eef3cd582ab4c2392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 02:45:25 GMT
Fastly-Original-Body-Size: 225976
X-Amz-Cf-Pop: SIN52-C2
X-Powered-By: BC
Backend-IP: 13.225.0.35
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 225976
X-Served-By: cache-qpg1268-QPG
Akamai-Mon-Iucid-Del: 852836
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1649166064.931255,VS0,VE1
X-Powered-From: gantry
ETag: "5d1e076293baefc93245f123cd15a7b9"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31488330
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id: eCALxbfL5jLVoVOvMN4R5PSbxOidaiDifnlnITNCmhXliMeMmw7RVw==
Expires: Wed, 05 Apr 2023 13:30:55 GMT
X-Cache-Hits: 1

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
476 B 85ms
34ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.onmanorama.com&callback=_gfp_s_&client=ca-pub-4075694933314520&cookie=ID%3Db7d032cd1b34dba2-224d921c70cd002d%3AT%3D1649213124%3AS%3DALNI_MZWHG1AaOzoy6Cf4hF9eeZjPUWY2w

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4075694933314520&plah=www.onmanorama.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.onmanorama.com%2F&tn=DIV&id=dragItemcrn&cls=profile_divcrn&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C10 106 KB
35 KB 429ms
400ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4075694933314520&output=html&adk=1812271804&adf=3025194257&lmt=1649213125&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onmanorama.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649213125013&bpp=3&bdt=790&idt=496&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7d032cd1b34dba2-224d921c70cd002d%3AT%3D1649213124%3AS%3DALNI_MZWHG1AaOzoy6Cf4hF9eeZjPUWY2w&nras=1&correlator=6733942468133&frm=20&pv=2&ga_vid=797995697.1649213125&ga_sid=1649213125&ga_hid=786834084&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=472305527291753&pem=395&tmod=47166265&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=523

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af32ddef4531e522e3f503e0a2c4770343d0790cb2f6d419bf1e493837c02089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35483
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 02:45:25 GMT
expires: Wed, 06 Apr 2022 02:45:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E651 6 KB
3 KB 49ms
21ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 02:45:24 GMT
expires: Thu, 06 Apr 2023 02:45:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012203150226000/ 23 KB
9 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9479b3e3bef0f6427206cadb155b1f1e0197e6d87356db3a4dee7732273b2b80

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8029
x-xss-protection: 0
server: sffe
date: Mon, 04 Apr 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e862474745e2e7b9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Apr 2023 17:10:26 GMT

GET
H3 200 container.html Show response
946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FF5 6 KB
3 KB 42ms
22ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 02:45:24 GMT
expires: Thu, 06 Apr 2023 02:45:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1649213125609_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1649213125609_1

143 B
741 B

40ms
40ms

Script
text/javascript

54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1649213125609_1

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

HTTP/1.1

Server

54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-90-159.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

4d23c9596864091e494348cf8f5c35059e6cab575380436776e8b979258239c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 135
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:25 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1649213125609_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
BLOB 200
OK a30f37b9-3ff7-41b5-ba5f-5736f185f74f
https://www.onmanorama.com/ 57 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onmanorama.com/a30f37b9-3ff7-41b5-ba5f-5736f185f74f
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a57b2a8ac51ab8a039ed15dbe7e55ae70665f52a22e4bbf8e755257ad8d37ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 58236
Content-Type: application/javascript

GET
H/1.1 200
OK segment0.ts Show response
bcboltmmcltd-a.akamaihd.net/media/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/298f3e2b-48b7-4495-b4c3-151fdef4c581/5x/ 221 KB
222 KB 122ms
60ms XHR
video/mp2t 88.221.111.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcboltmmcltd-a.akamaihd.net/media/v1/hls/v4/clear/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/298f3e2b-48b7-4495-b4c3-151fdef4c581/5x/segment0.ts
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5265296597001/gFrVV8fiF_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.221.111.24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-111-24.deploy.static.akamaitechnologies.com
Software: / BC
Resource Hash: ad94613a9aa9feae3598a289d5a8772bb0da5ecca60d231eef3cd582ab4c2392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 02:45:25 GMT
Fastly-Original-Body-Size: 225976
X-Amz-Cf-Pop: SIN52-C2
X-Powered-By: BC
Backend-IP: 13.225.0.35
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 225976
X-Served-By: cache-qpg1268-QPG
Akamai-Mon-Iucid-Del: 852836
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1649166064.931255,VS0,VE1
X-Powered-From: gantry
ETag: "5d1e076293baefc93245f123cd15a7b9"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31488330
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id: eCALxbfL5jLVoVOvMN4R5PSbxOidaiDifnlnITNCmhXliMeMmw7RVw==
Expires: Wed, 05 Apr 2023 13:30:55 GMT
X-Cache-Hits: 1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 26ms
25ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=786834084&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmanorama.com%2F&ul=en-us&de=UTF-8&dt=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertainment%20%7C%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAUABAAAAAG~&jid=1116443843&gjid=1279968666&cid=797995697.1649213125&tid=UA-159929110-29&_gid=1163714855.1649213125&_r=1&gtm=2ou3u0&z=1448619953

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onmanorama.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame E651 222 KB
61 KB 63ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:32 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E651 16 KB
6 KB 98ms
58ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E651 96 KB
29 KB 95ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E651 5 KB
2 KB 61ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E651 42 KB
13 KB 84ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E651 4 KB
618 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 01:15:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 02:45:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E651 4 KB
618 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 01:39:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 02:45:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15343339091787150275/ Frame E651 15 KB
16 KB 92ms
23ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15343339091787150275/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qnUMByesB_RY4-dKWU-WtX2ZRa97w

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db07ec8684aa817da189457550e9ea6be313da2cbca3e6097ea8c611245b785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 08:27:43 GMT
x-content-type-options: nosniff
age: 497862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15738
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 15:52:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 31 Mar 2023 08:27:43 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8540625886789466196/ Frame E651 20 KB
20 KB 113ms
44ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8540625886789466196/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qlTsohEqVMByErPhWoz6LXVl9q6Ww

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9176b6a2180b57d7077e6fb2f77bb40eeabff487911294fecd9e26bb919401b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:20:56 GMT
x-content-type-options: nosniff
age: 33869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20052
x-xss-protection: 0
last-modified: Tue, 23 Oct 2018 13:54:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Apr 2023 17:20:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E651 0
0 65ms
65ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqqN7xf5MYqLiC5Ds3gOcuI-oCrbS5cVn597skp4N29keEAEgxZ60HWCV4qaCsAegAafxoowDyAEGqQLjpLaZ-EuyPuACAKgDAcgDCqoEhQJP0EWocLAoZJJijoQjeB1b-nbyf6dgDDD7l8nkXSCo6oMIc4_uIOCCCAvUDc_GTIbSjQtTbiFmYEYrTDmk5V6wiuuTl7onNArMncXAJD6Ass_EXEU9d84VUyInND1rtxbhRHIF3HtKGskvKRSPvHteUOvKqGwaOvogaMLqVpVQJS5xSYno63wiQaOgksfF4Qin3TCq5O2bKQl5ENGY4bU_sHVwg4O_xQWIJS-gxa6id7Mo2jR1ULeRB3MdPiENJk4Uqx3za4TglKRD5c6Q2anKY5zWWDO_KqMqvzDG2K-NnE_pQgoCSTRTx7CLV923Ju15vI5OmZBnDLtABXAtLcMfwejfUfPABK7qz_D0AuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfBjt1zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQi9oM0ggJCIjhgBAQARgdgAoDyAsB2BMMiBQE0BUBgBcBshceChwIABIUcHViLTQwNjk2OTMyOTEzOTEyNjcYiqYd&sigh=SxX8dUqEpwY&uach_m=[UACH]&template_id=492
Requested by: Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame E651 0
0 62ms
31ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjMl-jDh8eJG5OhOpxTG7x2korzunJQ_lhWid_Wu4CMM3k3eRxOuAAz3IwKOr5qXzOHkQkOmCCIHzswUyFDUJAV3ROaA
Requested by: Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E651 2 KB
3 KB 90ms
21ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 61427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 06 Apr 2022 09:41:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E651 295 B
399 B 90ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 60740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 06 Apr 2022 09:53:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 79A0 624 B
300 B 36ms
34ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbh_LEATAB&v=APEucNXhXXMyLIGvPVce7sAenYMl8JaDUhoUxivfXZq8uOtCE_uQKjRywJdnZYV2-lTc6P7H4poZHMZro8MAZFlXo_aZ33Vds9bOhmykS_-3Qygffd5zssQxADp75hrqEMbi7mGCiLLAM250hhzHqIbiLxBSl44mJLUmxsg4rgTnUogM0-EhqmU

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 02:45:25 GMT
expires: Wed, 06 Apr 2022 02:45:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 59A8 78 KB
32 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuvTESd63czyAfA-5RY0R-fz7IkfppvzFBRnpn-WZwdY9elCbNAGvsDArJhdgz61lJAwAO_f3dklft_1-CySZgx8i_IU_diqZiAnJSraEMqqi3lYjCJzFltICWgEdC6jl-QNQp7fIfKPKSJwXQpoP2Rff0Ow&dbm_d=AKAmf-Ds5e-1Im9ybSOEOMmDU8vScHJnX4TXBlgFA9CdkZZ8aAGmpuMzIFQSqnmGcufQgpdb-KdZx7lYzR9RlhSrDdRnzRgTjDkxMqEwcUtM0OudZdKEvVrb479JEvCqlRMbQ9e9qtwGGd1pIyZZ7sefjSr3iV8qbnrYW-0x9X6_0bBVqTRZzqTMgPfcEhhCU3fCfjnp1RknkeaHZKVLaPn7K0n_KZHjad4hW4D7n0SyMzm3fwX_RwJ2q0BJDGh0vWSH7JdSindsB8hOjj6_lBpptdjd1RG0pxED2Ypu7PFfer9FrNKJrykLVGNmJ68L5UEzcp8C7CKI2xWRHnZNQxLA-3ib6FQcig2NijdOTj-zI6bVV0-dJb-tvo3sUKbiLb0z9uv1C0LJWtMrUNy4bcCvdNUj3475itjMPpsIKlRYFddfjY0AwWURx_mF83u1JardelQP2VpuY5T0b-gEVHi5yVgPkfLVojquqa7YQtCJAUUxXRYW8YJ1k10Sskz_GH11kAJap7m2nhg7aFFQjNm0LMyu2u8P6SkA1qttZ3UXIMLsbfKxNo0SvbeTqBMwF77vDNBKpLMVT-Q_7juERyuF4OEEqjAf0zHjc_f8LItjxYQEHPPk69ttwIvYc2YiNiDFEDtwWWjLFKiFwmzwdejmzYCpdwr9OS1xD_NKPww2ruFCkOMN50OBZYDZ3uQJLSPn9P5W6VuhjFJavinTZ4zifJnS4XiL1q2pidy7wG8f4-9FaV8EflzGxkdG20SJlcbNLcm1XgGpdA1n10wETqnIMyWbG4llsNeHSGw8kNpIpi0agHVJsAe9FptnY4fI-NIlWddWtYm9A_gIrU_OgNJu7zH9KdUEDdrvQLPBp45rlwhNzswYCZXAQDZ1RcLijC5Q_zQow3XlhigCeXayRZ7L-WB-QEwEZ_stIHizFmZcloEDE1l5eWzvzREnR95H9QOGuNKuXeWdLRanR5EFenM335u1bcrB6s_imhnCwuKqfnrHn3pagbLfnXES53diEfU5sXnAzHU5GDW007Zlr2nSb4vGHgp9xKnvpo4qanosp0ZqOK74wh0OLxW1WagIHnyiELByZYRWBve73cp-QCUHfOiw-JcetknCTF7N25VoHnZmQfQ42luJyu66AF4J5cglOhsERCjPiUWmy-zdKDoWwPJBJooZzIk33PeKVDrQYFFpTOikcuaFy7YL2XP-2E2H8cVA1Xwoo9o_fLulnbOdcIH12kp3hwaeYUnNdygJfOwsmL7ezval1AvmnttkT_-TnzYz90J-6CYETBVoa7Sd0G9RZWFuJN2EmS02-fTEuvOWPXaYBFSldWx9SL3beDDJW9nhM-lRgJWiUO9cljptBndy1jfZg9DOrVdZGuyHZpCTuoruSiT8LR0A1q5577dVk-HOISA1PwLFNVUqIAR3kVEtIbAd1XQxwoBi-4e77B5E9L4-ZXa2W1YJg_HnuLeMJvIPhw78ELpayPnK7jzcu7ZgwWTFiGZ4f4cOureL8bsR_uNrfbsQXOmKAr4wnpcbPKtkBtmGp1sh024E0iXweQFCrWasWuLC0N6dG2DbIJIv8H61cq0m4SVTxUo7Jl8lNBdpjwUPbSc2zTqDimga3n0yAm5WuQ86_CM7_C9w1ymlsv4GsE1AY4zRxmCJhw__OXUZgLXfQPqfYgeT4HoCwlTq1XtwwBeYHNcGBu3HoFPWtPdoaf512c_Ir8XfSd9YgGIOKi_Q40Hx2lLRrC3pXNMWBAIz7kF4S7wOoxK0wD0Ez3Pbo5LCEnP2S_m1m2Roz-F9JMYuKCbPARbETNY2tz_-hVc-kFTtaAFdXlaPxsJhGZPt6btqQvbhzLcwIZ4i2BOIXv2U6sNLqe5huV5EK3wN-n-gV0y31kd7AWZsFDg57LK6F4I6MwnxvuBwC2_u570SC-tzYvJhdC72vT3LyRE_kQWId4go9DK2OysC5BctmsNqSA46gNp4KLZhXGRe4JJ5GQLR1sTWVMcj_OP0jy4JYLaFzPtrGL2wIhkHuOgDLdCqoW5CA6n3SsdzBU8VqpTYrHpnETmrT24TOnyEzo5f_RvHRZI-xubt-SU1SSeCWNr_GJFhnQdZ88qUQVpnp3c6FvunrTAtndCzFGhaACRwrpkDsvbqDXgpuZTWRBan4P7fOCO4i9x3DUQVcriH_aAyI0_corGwLJy0HU8g36SPdqMumv1I56Mijv86ZOFPq0I2AJb2InCxgw8qKtWAM64tNRV1BIPvydek4MIX4TNVETVEde2liiwa__5TTScWCIgp76g8f9xbO4ULEPbRGaKzx9otK4_NpGjIT-kW3UXbjXlsASXkJRUE8OiuZEk1-4-f5G7SJjwgvHK_HZ6CYYRE_2A9laIBs-FMXHXGPDLktwHbz_GCgPJE8eA_HHLyQf4pNeCtmrecnWZggcV08LdSXwfK2chmEkOyI-k0LDa6WxCBqwmPghsATKwRlih78wa-7lr0SK7hW4VgMpImYgwqoeuco2FI57xDHFgA1RtNfPuGqKi5cfm6mHHSQlykMcyawko2ArqfqbpuVd7vV6EAwpVmHDzbUdt0JcfkOcpWC5P2iNDNLs-RSE9QpddMJROdyX5pIyZGEwQ1pk5tonc0XRU_wmljAXX9L8OD1PkhPVOASR-gdYVFlNeAodHCpNDkMP03Q1AKv4_nh2VXIa1S6Qj_FMDQPFPTd7xSxPUwhCUWc4BU81QV_4stPwXT-yQa4iWxkxw_wXvmZ555h8v66_bvWwHnhH-6rbDjGQcqbFLfjDnoTCPWl3onCTcVzdPkLZJVyoXVc4uqkUJnOIa3kiRulJQMjyeKAj8B88wNF4Vi3ZKkUAs0HFUE9XENxY42ydzta-wkIO8tDbrUtzGjYjGhAiblnp-L1UYLwEUZ_oSkuW-BNKIFm_4NRbErdx37IB7p_C4cy4oda39D8MyBZ0bmUHLyOuwtx3GTMT8nHh4f3Ox6PcUY7W5Evsrxbm4hQWI2TjDiWlGqEEg186NjJ3XzHp5AS7TEht3SmzC291MuMdIbf-BYePCrcC-22mNDV8wtHZgFbHyRUuo__nIBQd3CAwYCTfTJE3JhjJoJmunJMbz9DqBB3iCAKyrz6UhU-gToGVUHzI5EpXwYhqxYlV_eZg6qktDaqr0ySPq0nNvuMz1gnTBbEVsjJeV6-wLVq2QrHtC-OH1WuEsa6wS-OOgC&cid=CAASKORo_BChBrB7jWPqIvJzlHuREWY1a7EnaJaRf5evd0lby9P_hpF9VBk&rfl=2%2Chttps%253A%252F%252Fwww.onmanorama.com%252F%240

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8df66c5b54dab04113c9a87b1af617ff6d03ba80fa46d1dbd6661962f98948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame 59A8 2 KB
1 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:26:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59A8 119 KB
36 KB 62ms
35ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649071906742826"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame 59A8 15 KB
7 KB 69ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:18:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 59A8 0
0 45ms
32ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwjUVZTc7uQyj-efW_tVV2PSpluMVJdKq6qm-vgL8vxzoO7hiwbb4LMpQtrX-dXxgxBqtvrSmMyAYjBV-WAsbjRCX0dQ
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59A8 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtFemYYdRtFNEc38QXm7Sc93nKj2PYDobeo_prvOJzZiSGhYamqYYOgWgIqF1TYY6Cdw6CNCk1QqmmwNfMj1Vi4EDuAOqa2q-8GVT7HpGwru-n29I

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 50E5 6 KB
3 KB 23ms
18ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 02:45:24 GMT
expires: Thu, 06 Apr 2023 02:45:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E651 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cacd4676d3e1da53113f6ea6b7f337db546132c84d3e90d9ca82f088eedb96eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E651 15 KB
15 KB 24ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 27936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E651 16 KB
16 KB 26ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 594727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:33:18 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
72 B 103ms
103ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://www.onmanorama.com
date: Wed, 06 Apr 2022 02:45:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame F14D 2 KB
1 KB 380ms
38ms XHR
application/json 23.35.232.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=J3MDQ-48JJW-ZLEFB-4N52D-G4L2D&d=www.onmanorama.com&t=5497377&v=1.700.0&if=&sl=0&si=85b54fcd-4209-42ac-8e97-2880001a3c87-r9wczn&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,LOGN&acao=&ak.ai=304245
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/J3MDQ-48JJW-ZLEFB-4N52D-G4L2D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.35.232.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-232-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f1775e7e6df802c203c464466bc8ee169eacc5fa706aa580a8c1a8a76d4a057

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 02:45:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 737

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 79A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKmaCN7-VcAfu2pX6uYhkc&google_cver=1

43 B
1014 B

49ms
23ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKmaCN7-VcAfu2pX6uYhkc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbh_LEATAB&v=APEucNXhXXMyLIGvPVce7sAenYMl8JaDUhoUxivfXZq8uOtCE_uQKjRywJdnZYV2-lTc6P7H4poZHMZro8MAZFlXo_aZ33Vds9bOhmykS_-3Qygffd5zssQxADp75hrqEMbi7mGCiLLAM250hhzHqIbiLxBSl44mJLUmxsg4rgTnUogM0-EhqmU
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 Apr 2022 02:45:26 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKmaCN7-VcAfu2pX6uYhkc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 79A0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ykz.xZ-OEi0maSRvn-3FeQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZ3sGsBeySwMiUm7DxQNtU&google_cver=1&google_hm=2

43 B
894 B

23ms
23ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZ3sGsBeySwMiUm7DxQNtU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbh_LEATAB&v=APEucNXhXXMyLIGvPVce7sAenYMl8JaDUhoUxivfXZq8uOtCE_uQKjRywJdnZYV2-lTc6P7H4poZHMZro8MAZFlXo_aZ33Vds9bOhmykS_-3Qygffd5zssQxADp75hrqEMbi7mGCiLLAM250hhzHqIbiLxBSl44mJLUmxsg4rgTnUogM0-EhqmU
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 Apr 2022 02:45:26 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAZ3sGsBeySwMiUm7DxQNtU&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 79A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN3gfGKFgA2FcvXijPWPiuA&google_cver=1

43 B
1008 B

71ms
24ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN3gfGKFgA2FcvXijPWPiuA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjbh_LEATAB&v=APEucNXhXXMyLIGvPVce7sAenYMl8JaDUhoUxivfXZq8uOtCE_uQKjRywJdnZYV2-lTc6P7H4poZHMZro8MAZFlXo_aZ33Vds9bOhmykS_-3Qygffd5zssQxADp75hrqEMbi7mGCiLLAM250hhzHqIbiLxBSl44mJLUmxsg4rgTnUogM0-EhqmU

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 66cfd9da-3430-4740-8957-81b35cb0c4d7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN3gfGKFgA2FcvXijPWPiuA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 79A0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzEyNDAyNjMwMTgwNzI3Mjg3Mw%3D%3D

170 B
188 B

45ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzEyNDAyNjMwMTgwNzI3Mjg3Mw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5994e23e-5ebf-4029-93f5-8ae7fc65a166
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzEyNDAyNjMwMTgwNzI3Mjg3Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 59A8 106 KB
38 KB 91ms
21ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
Origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Apr 2022 09:31:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220404/r20110914/elements/html/ Frame 59A8 8 KB
3 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220404/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuvTESd63czyAfA-5RY0R-fz7IkfppvzFBRnpn-WZwdY9elCbNAGvsDArJhdgz61lJAwAO_f3dklft_1-CySZgx8i_IU_diqZiAnJSraEMqqi3lYjCJzFltICWgEdC6jl-QNQp7fIfKPKSJwXQpoP2Rff0Ow&dbm_d=AKAmf-Ds5e-1Im9ybSOEOMmDU8vScHJnX4TXBlgFA9CdkZZ8aAGmpuMzIFQSqnmGcufQgpdb-KdZx7lYzR9RlhSrDdRnzRgTjDkxMqEwcUtM0OudZdKEvVrb479JEvCqlRMbQ9e9qtwGGd1pIyZZ7sefjSr3iV8qbnrYW-0x9X6_0bBVqTRZzqTMgPfcEhhCU3fCfjnp1RknkeaHZKVLaPn7K0n_KZHjad4hW4D7n0SyMzm3fwX_RwJ2q0BJDGh0vWSH7JdSindsB8hOjj6_lBpptdjd1RG0pxED2Ypu7PFfer9FrNKJrykLVGNmJ68L5UEzcp8C7CKI2xWRHnZNQxLA-3ib6FQcig2NijdOTj-zI6bVV0-dJb-tvo3sUKbiLb0z9uv1C0LJWtMrUNy4bcCvdNUj3475itjMPpsIKlRYFddfjY0AwWURx_mF83u1JardelQP2VpuY5T0b-gEVHi5yVgPkfLVojquqa7YQtCJAUUxXRYW8YJ1k10Sskz_GH11kAJap7m2nhg7aFFQjNm0LMyu2u8P6SkA1qttZ3UXIMLsbfKxNo0SvbeTqBMwF77vDNBKpLMVT-Q_7juERyuF4OEEqjAf0zHjc_f8LItjxYQEHPPk69ttwIvYc2YiNiDFEDtwWWjLFKiFwmzwdejmzYCpdwr9OS1xD_NKPww2ruFCkOMN50OBZYDZ3uQJLSPn9P5W6VuhjFJavinTZ4zifJnS4XiL1q2pidy7wG8f4-9FaV8EflzGxkdG20SJlcbNLcm1XgGpdA1n10wETqnIMyWbG4llsNeHSGw8kNpIpi0agHVJsAe9FptnY4fI-NIlWddWtYm9A_gIrU_OgNJu7zH9KdUEDdrvQLPBp45rlwhNzswYCZXAQDZ1RcLijC5Q_zQow3XlhigCeXayRZ7L-WB-QEwEZ_stIHizFmZcloEDE1l5eWzvzREnR95H9QOGuNKuXeWdLRanR5EFenM335u1bcrB6s_imhnCwuKqfnrHn3pagbLfnXES53diEfU5sXnAzHU5GDW007Zlr2nSb4vGHgp9xKnvpo4qanosp0ZqOK74wh0OLxW1WagIHnyiELByZYRWBve73cp-QCUHfOiw-JcetknCTF7N25VoHnZmQfQ42luJyu66AF4J5cglOhsERCjPiUWmy-zdKDoWwPJBJooZzIk33PeKVDrQYFFpTOikcuaFy7YL2XP-2E2H8cVA1Xwoo9o_fLulnbOdcIH12kp3hwaeYUnNdygJfOwsmL7ezval1AvmnttkT_-TnzYz90J-6CYETBVoa7Sd0G9RZWFuJN2EmS02-fTEuvOWPXaYBFSldWx9SL3beDDJW9nhM-lRgJWiUO9cljptBndy1jfZg9DOrVdZGuyHZpCTuoruSiT8LR0A1q5577dVk-HOISA1PwLFNVUqIAR3kVEtIbAd1XQxwoBi-4e77B5E9L4-ZXa2W1YJg_HnuLeMJvIPhw78ELpayPnK7jzcu7ZgwWTFiGZ4f4cOureL8bsR_uNrfbsQXOmKAr4wnpcbPKtkBtmGp1sh024E0iXweQFCrWasWuLC0N6dG2DbIJIv8H61cq0m4SVTxUo7Jl8lNBdpjwUPbSc2zTqDimga3n0yAm5WuQ86_CM7_C9w1ymlsv4GsE1AY4zRxmCJhw__OXUZgLXfQPqfYgeT4HoCwlTq1XtwwBeYHNcGBu3HoFPWtPdoaf512c_Ir8XfSd9YgGIOKi_Q40Hx2lLRrC3pXNMWBAIz7kF4S7wOoxK0wD0Ez3Pbo5LCEnP2S_m1m2Roz-F9JMYuKCbPARbETNY2tz_-hVc-kFTtaAFdXlaPxsJhGZPt6btqQvbhzLcwIZ4i2BOIXv2U6sNLqe5huV5EK3wN-n-gV0y31kd7AWZsFDg57LK6F4I6MwnxvuBwC2_u570SC-tzYvJhdC72vT3LyRE_kQWId4go9DK2OysC5BctmsNqSA46gNp4KLZhXGRe4JJ5GQLR1sTWVMcj_OP0jy4JYLaFzPtrGL2wIhkHuOgDLdCqoW5CA6n3SsdzBU8VqpTYrHpnETmrT24TOnyEzo5f_RvHRZI-xubt-SU1SSeCWNr_GJFhnQdZ88qUQVpnp3c6FvunrTAtndCzFGhaACRwrpkDsvbqDXgpuZTWRBan4P7fOCO4i9x3DUQVcriH_aAyI0_corGwLJy0HU8g36SPdqMumv1I56Mijv86ZOFPq0I2AJb2InCxgw8qKtWAM64tNRV1BIPvydek4MIX4TNVETVEde2liiwa__5TTScWCIgp76g8f9xbO4ULEPbRGaKzx9otK4_NpGjIT-kW3UXbjXlsASXkJRUE8OiuZEk1-4-f5G7SJjwgvHK_HZ6CYYRE_2A9laIBs-FMXHXGPDLktwHbz_GCgPJE8eA_HHLyQf4pNeCtmrecnWZggcV08LdSXwfK2chmEkOyI-k0LDa6WxCBqwmPghsATKwRlih78wa-7lr0SK7hW4VgMpImYgwqoeuco2FI57xDHFgA1RtNfPuGqKi5cfm6mHHSQlykMcyawko2ArqfqbpuVd7vV6EAwpVmHDzbUdt0JcfkOcpWC5P2iNDNLs-RSE9QpddMJROdyX5pIyZGEwQ1pk5tonc0XRU_wmljAXX9L8OD1PkhPVOASR-gdYVFlNeAodHCpNDkMP03Q1AKv4_nh2VXIa1S6Qj_FMDQPFPTd7xSxPUwhCUWc4BU81QV_4stPwXT-yQa4iWxkxw_wXvmZ555h8v66_bvWwHnhH-6rbDjGQcqbFLfjDnoTCPWl3onCTcVzdPkLZJVyoXVc4uqkUJnOIa3kiRulJQMjyeKAj8B88wNF4Vi3ZKkUAs0HFUE9XENxY42ydzta-wkIO8tDbrUtzGjYjGhAiblnp-L1UYLwEUZ_oSkuW-BNKIFm_4NRbErdx37IB7p_C4cy4oda39D8MyBZ0bmUHLyOuwtx3GTMT8nHh4f3Ox6PcUY7W5Evsrxbm4hQWI2TjDiWlGqEEg186NjJ3XzHp5AS7TEht3SmzC291MuMdIbf-BYePCrcC-22mNDV8wtHZgFbHyRUuo__nIBQd3CAwYCTfTJE3JhjJoJmunJMbz9DqBB3iCAKyrz6UhU-gToGVUHzI5EpXwYhqxYlV_eZg6qktDaqr0ySPq0nNvuMz1gnTBbEVsjJeV6-wLVq2QrHtC-OH1WuEsa6wS-OOgC&cid=CAASKORo_BChBrB7jWPqIvJzlHuREWY1a7EnaJaRf5evd0lby9P_hpF9VBk&rfl=2%2Chttps%253A%252F%252Fwww.onmanorama.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:31:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220404/r20110914/ Frame 59A8 25 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220404/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cd44768f593bf50da4fef0e9b6871187ae76f0f0259b3e103b9d5ea1fb99459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9667
x-xss-protection: 0
server: cafe
etag: 18132634833399189292
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:24:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/ Frame 50E5 19 KB
8 KB 53ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/abg_lite_fy2019.js

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fec7c1c795f22f7c075d8e6906ab81f59b4c4a8f56409861709e0493fef1587c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 8493395584220102122
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:05:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 50E5 8 KB
714 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 02:01:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 02:45:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/ Frame 50E5 14 KB
3 KB 95ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.css

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 15:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 10:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2023 15:35:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/ Frame 50E5 347 KB
120 KB 97ms
27ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85be025a12bbb9bc1b3070e776389404bc1fed2b43fed80aa6d21a0f340d46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 23:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122269
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 10:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 23:55:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame 50E5 15 KB
6 KB 52ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:43:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 50E5 0
0 26ms
26ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAO2lTiDHY-Egk0MQNEAWlMIsRWKnq8zMPN-1JVDoURQ4Ic5anQPsJCEXSFLn7Oy-AIPWubcYRlElUkXa99KX6emYr3A
Requested by: Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E651
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

44ms
44ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

date: Wed, 06 Apr 2022 02:45:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
461 B 136ms
32ms XHR
application/json 2600:9000:20d7:ba00:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1649
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:ba00:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 02:31:00 GMT
Via: 1.1 b63f332297d95bccb0f4e41c4aef0ab0.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 519266
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: ZAG50-C1
Content-Length: 19
X-Amz-Cf-Id: SFLgAGNEyoCBNUN3fr5hAFeSkkREhB_r1D1QU_9_DpjymlslYE0s1A==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 904 B
778 B 173ms
43ms XHR
application/json 54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fwww.onmanorama.com%2F&vt=52ad677a-c8a6-41a1-8989-e128e4cb2a40-17ffcc334d9-610fa952
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1649
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 16671c9bd43a1be1f203b3b00c569e9c3af3db078f74192838ce882718d8a9ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Content-Encoding: gzip
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 446
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 41ms
40ms Image
image/gif 54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t&vn=b21b8ec&tz=0&pu=https%3A%2F%2Fwww.onmanorama.com%2F&vt=52ad677a-c8a6-41a1-8989-e128e4cb2a40-17ffcc334d9-610fa952&vi=5e1e67f7-e11c-4867-b98a-7fcb4f5fcc14-17ffcc33596-8a9a9f1b&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=Onmanorama%20%7C%20Breaking%20News%20%7C%20Kerala%20News%20%7C%20India%20%7C%20Lifestyle%20%7C%20Entertainment%20%7C%20Sports&te=434&sh=1200&sw=1600
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 59A8 41 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 19:34:22 GMT

GET
DATA 200
OK truncated
/ Frame 59A8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 853b8ead77d5a1233c938539e676b2d4f4e337c1bc75821d5b05b967db337a0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FFCF 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 02:45:24 GMT
expires: Thu, 06 Apr 2023 02:45:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/ Frame B0DD 6 KB
2 KB 49ms
23ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4911415a9268d225abbdb53f8fab01d501f5588e8e903f675b17320a0cbb0213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 404955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1981
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 10:16:11 GMT
expires: Sat, 01 Apr 2023 10:16:11 GMT
last-modified: Thu, 24 Mar 2022 10:40:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59A8 0
622 B 110ms
50ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn5l_f0gPm6-RBYJJiGqM8l_slARtAzJc4IekofJ4fxqomEySIk3aqWs-A3BeFnZ6R3dh3zCT5PoiGwPRqoank4idj0iOHY1iF2jqx_60SXmbj9vtVWK53IqQYdUkVO1V35x7ZshRVOrH4e0ZhRmiaFBSqWB4PTtKS5FdEnzheE-xlUINv3M1-0DDc1lNIRHwFK2L6s57ov4ldgJpuTrbL0zxlmuIc9VxRtwB6vxsii4HXb6mfOvK9a9HGI-fYnV4JohA5ZTMrekyw1-NQUyvPY3-cBzySsmv1m6OyUo40fDZ_OgaVRxVbDsus-7Ne8Jgh3rvfdmGc3i2dcI92JTAPxaorKL8cPUpyiEkY4fbMx66aMWjpS39wBStWMt8qZ73TLm055WfSqhrrRPmVdAfJ9PQF7h0WZkzD02UQk4bMBbbXt7LCHuTZax2GT7F6YsemcdcWUaH9DksPExJOVmr5iGnGLC4pAvDfCps2l5wPZC4DOm237elnkjzurwtqyR-wi-x6C74OpPoJX0cDuqOx96HKKr7myAEHBe5ud33_FX0v0EbkI5P7FUF9roRz-Jg3NMYYzoPW5f1SehmbiS1AbRqyvDshZQ35_dVhq5zjfjUlHJVxZC9_H7Of6Tb8hoEVeqgNMTuirbdQyrONLKCFhVP0u4Mw5jhcBuKO4gSvbLuVW1iD8hjCeoayNjJaIiDuKG77BEXy1wJZyc6RN5YJjAJYjRFCQ5cjU6epQMInAe2JclI1Q-DMnSKoqQzIlE_N8D6nqeP-ZhGAQ3dHBBVrEM8CsOpZGCjGVY6XNntS548Tfd1Pm5fBpuYv6l_ncKdO-asWvvzN0BPdzeGXMihTcL5v1k7QlZhjZSTZu8dD73T6HmqyrvyF6nTpYS_1Y-LO5b9P8AW0A4pZuwiaAsmcOk3P65EkEO6_lwmV_JEXiVlgK8pqK0tuuOZKIc97x5QFdqvdWSb4qPkTggcbEQ61Vf-VSOyTbP0cQdhapMslbNMF1blzPjgF4ZCaWpIt3CntSPslx-x9DJx55tfHxbBz4IKnpMhq1rAl0-M4ZY281K-bq8C58pWllFAWUtSKodph9xuBtwptXy6zZOcrozTyKpIT-uyalbNTU7W73H4BDMzsT4J38LevqX9wO2P1HzlVKpeMCqNe-fjnIv6HyomydN-vwlkYVGzeqQyFIWqkNGijgFLcGmXhLUDBvVwl3_wBZBOP3noIRNEMt6y7RDAg9Da2GdP27v_V-GlVS4nBH_jnHNguwfUD1Zc5-vE&sai=AMfl-YRVsRGPtJeXNt_skWc5ZTNKJSoyg2ROd_rlhKJ7cdckiRM3ILIMyomH5V4UIojC4Y7MOdbGEQCHLjnkk_NAYCYo564vzhYoGCXSd7khM7y71UGmYGVhGZPJvvgBBHUiXKjOl3hQktLhtcRYmM5s4lgZdqGB3UHJFfiIoPmvHUSJJsZu3K-nMUM1-rbFN-iDaik5a29X1u3t7DuWQIIKrRhFMmGS8MPYGg&sig=Cg0ArKJSzEnKvbNZ21nHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=260&cbvp=1&cstd=256&cisv=r20220404.98388&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 06 Apr 2022 02:45:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame 50E5 0
327 B 465ms
49ms Ping
image/gif 142.251.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l1mywwe8&c=3958162798111&slotId=1979081399055.5&qqid=CIWB_NO1_vYCFcaddwodJ0UIww&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lb-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 50E5 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 23851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 50E5 15 KB
15 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 27937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50E5 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C4dDIxf5MYsWKFsa73gOniqGYDPOayrtn2OrmrcMPh6ibzIgKEAEgxZ60HWCV4qaCsAegAe7JlO8CyAEFqQLjpLaZ-EuyPqgDAcgDmwSqBJICT9C4DmcUjW-ck9YAld4e51G9sVFFXUsi8fxnbYY8bpEMSx7vY1ItUu2bPxEj7Y1wlvIReKwdWDzgZzzqUt5WW7jRsDH3axiOA6gl-RpJEbKOj6qeJsOZvMTEyURNPqFoP7IhJpZSoV4tzRZZzmVmUYmUQBrffiHZ9nlZbyjygB5G1M_R6vsnddydXsWrcIdkBhdeFXjphWa1qe_GvRl8ZFwyB9W63ZJhAu323bYPy_SU8bJj7kQFXWiCrSyp1xKMYx57QJYNIvHHKGSKOvA6VIjO1BlpI4axxQtTh6HFPQhy7YRIZN0JrqZ2hkxp66uY9zAB0TsHt_BtiSQQVWRvab2JTji47W_zIvBJp-HmQnzmqsAEh6WN8PcD4AQDkAYBoAZOgAf6teuQAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATtePjDsgTu-D83gPQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1649213126185&ai=C4dDIxf5MYsWKFsa73gOniqGYDPOayrtn2OrmrcMPh6ibzIgKEAEgxZ60HWCV4qaCsAegAe7JlO8CyAEFqQLjpLaZ-EuyPqgDAcgDmwSqBJICT9C4DmcUjW-ck9YAld4e51G9sVFFXUsi8fxnbYY8bpEMSx7vY1ItUu2bPxEj7Y1wlvIReKwdWDzgZzzqUt5WW7jRsDH3axiOA6gl-RpJEbKOj6qeJsOZvMTEyURNPqFoP7IhJpZSoV4tzRZZzmVmUYmUQBrffiHZ9nlZbyjygB5G1M_R6vsnddydXsWrcIdkBhdeFXjphWa1qe_GvRl8ZFwyB9W63ZJhAu323bYPy_SU8bJj7kQFXWiCrSyp1xKMYx57QJYNIvHHKGSKOvA6VIjO1BlpI4axxQtTh6HFPQhy7YRIZN0JrqZ2hkxp66uY9zAB0TsHt_BtiSQQVWRvab2JTji47W_zIvBJp-HmQnzmqsAEh6WN8PcD4AQDkAYBoAZOgAf6teuQAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATtePjDsgTu-D83gPQEwDYEwqIFALYFAHQFQH4FgGAFwE

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 50E5 30 KB
16 KB 135ms
60ms XHR
text/xml 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CRJNkckuLzNgavp34JuZTor2dJ79cuGByak4Jfduo1nhxYmYlYoDImnUSNxJaknjBjV2Oi8l7o0p9r2YvpHibpJrPj-g&dbm_d=AKAmf-BeUyK6Mp5e603evhoEKTRgFbyF3jUWKUkbNHBd_3-kGkJAvgjlahL3inYJqIT6sHtnpKGcubf4flaNkNaqqV6rMnPv4M5YGzraeNNd7MmyB0XqAsEjWxFzYBdskTYRXB-ZTGFeLKPdwYUi49Fiy1P-xQqRwjUN_49wY1T-0MrhGxquUJD7TT6KeC_sxSjm4VtwpSY0o8JszCvrOF-qGWjr0RFkpXMWybC8ilK_MC9G6x9lJbvEOb7AqE-SeUnn5bXRMHw50jarMTxT8Ixuah_aFHsXFGdHr9oib8OTbxrZ-MdLfPEQ3gusH7MpQdMWq3Z1VRBLpt9OMW1o57hW99DtB_bPNs3roBJ17s3DajhAm5Qs4lCn4MxvEyB14Hviuu7o9M6hr1RxJPatgs88b5wenUAQBlQ2FRMyTy56_Of4shABgNP6qcaAIjofEAq5Bjk5QYgynmRPHXGV38JQ-npKLZKqGXjcZjnxNT6UIJ_8OBdf-o3gMkfq5UJ3SIolV1h5xJ22wor8FnKMJCzIKtWXvwm_hxQCEC7I3BRUzbpHAxmWmszh0ZoK4-KNrIfNcR-DTLT5eD4yqSXRb1Q0IrORcepFhWtcPb3lH9eNLZuCIUSHstwoojogwthSBY2J8m7c3-Fl_RNCDobmaCm2oyYBu_x4gKWOBeFfzRXL2MBmbPAEz1mC8AEJAguqZw2kWGqFPSgR9yHqKVTsLaSaK_y-kXSVzsoC1XQ-qnhKrgTeyafEex0jVS0zYHkGgJIfuzz-UevSchFUGdUyokGdGgyR_YfHytHy_Q9qr_g-cnujLZKAJBPFIl_0Fk0ntbozaXkJNCTn7Lo2O4HbNwBdnUHmiOP-XSIyuLougNgbVX2z01Qs_uATAM_CAoY4wAH7feGWYlTJOv9WR-E-kuxI5E1c1GtldChtfIW65lpLVCSoEipA6xDU8t-mhnRAE66TH2pjeM6sIY6BUnVFOHNM1PUMXOFWaA3Cc8UPlludOHYSVOyfHEe-hGMctwqgKAiOXsVeznagKeJoTc0-q33xb6hXEpOV47aH13MoJtolM_tInmcH_v78M3H4vXoEFGwE_3QgZz80y6M0WX8nLnrjnGiYM5HYJ0LRxAP5X48XdvcDCnyOwN2F7pP7uyf_Mq2M6C8WbyDHkP0iUoKvEd7-xIzamZRbRLldWo71ZU_1UL9v11NPMKBpVkiI7LBFkAKXAaHyDmvKvCCB4CS5eK3Xj7rgXVHIDy2ASgA62E6tK7zVsYH2GHGE23zLVFN1w8thvotGyfqKhJOwO4XefK0qORq6AEwkPSCLhyin8cjyw_gWlkhRyom3vaydRaIHSgh6nfJVDCRkjemwHkFyMc2VgQ2A1n0esAYk08qImv28xwovU8NYsBYTxbCsuSlVBM5Nt4Dw9nihHmsD-0p6tPFMKsAmabxs1F8ij3Sm4fJtKlMj6rN2w1ublNN5QkDa0dKuYrTh0sju_qS0xU2ojQtD5rKAv237iNrSF3Nypt-znAiZPO4-N68TFswf5DvQjXQaUV4VPFGYUDr1h7muMqwqY6QAZmPc88-ZAv8UyK74TWQWmz2kTFK9iDM8Mbk4fdT188vD0dPhUSICCGmZi7cY4PmnydgBX_gdbnFa7XzwEjL13GPlOnbELmMBg7mNPmEBUReqhDz9oFX6PTQX-9LGacrBSlh2tToOmhVEsBa1QU3EzAKibwpAkPp_hQ984OhUGkC38k7zAXrQOZyQHdHjds00wqIqUpip7adWXH3bqrpEl2sKoXwySK8bIjGa4_qXTKELhUTygyR_a7VC6l3iNiUN8ttIhsvTBFI8b1riuE28S_58mjPpVs07wVKAJZbwpDql1e7Lni7x4C8oPoKI9nDf5QwhxvrJeIIZZ6iZGCZMIgiCPPKHaIleAp_V4P1cfjdln6C1OiNGTC6nnqEKeIeeR8ht5j5DYd2hfvdW3Wt6UDLLNuTNYxLtasAOjl7UqnZuPUUIdM6ADv7to-he5WQIjmPjp0H725vvlcFqqRNHLGHoaG4AJ16qpkEWpl0cuqB8d-iEPIMIYc1izSEwKQnuc48By8u88C83HJCtzkv9k8RE-Le5-Ganb8yjePPwmZQfk8TyJlYOzQHeYgiQxV1I061P3-cQCIbCFVo7WAE1kmP8GWAnuLRdeu5d7x1bwyEOhnIZx8R_WIdLJdaP5S9JJ3XwC7HoFgwFLPsX3dpfbejwnf3eaafyGePeDKutagemagM6pdo2tr8XiRWfYyDmBYtCQ5kkL5wL9vXGa9M-yBIrLtbsdfH9my5GCdP41e519dI3w7xV2PGAP2GpPAWYrTTf-o381fUts8HsZJpJf8rMchNdECkYiahJs-FJj43QyzDh1GHUiOZA9j0s7CI54mxkJjhCeVbjC9Jx7j0aRrx6H2dDfvD0qoUemkx3FJYrF9zccOSup86osZZKdWvDoKRsqhZtBCmRrYOxOddRmW5MPbTUAaLOoZVqAvLIprNpr9DHq89KbzIrWPzcvjOYQoULKJ8853gBlBx2FXDXw0cb8f9gJXxaOeZvex8yy3J3wwsgiJvp-CLSM-H7O9NrUfemCtvZLET8dL4NcUOLrUhV0nGfNhV0iQab6-KvgZIby4qXjN4Xer1qaR-QHZ7PYHVumyF-Itf0oiqLXMnRRHA25CVp3eNjuWGbizXLDgvYTWzazUEF1e6ab6czXXLfQymfJEcHQ6XPCrO_sCSYy4gpqaEIcl46poyJNvFOlig8ztpQ_px2_kAUThxrl87b8iHcLI0GBsuYBv0B_kUOW733hgxvxFEM6YCIoqN52O0nAgzXXloSBP_YEXtx-mLXzagyFF0lJrIuqb1cI1LN8p7gm3d0fk3gvhWCLudsDhYaB9giO3j6Vz7IAtMCnQSq8mEDpIx1BowpbFxg536utctskIkrcVR7t1gGA8yTWlyNxO5MF6KnoN7yjIRT9d2k7m6tJpevOlU-tH05rmkYSSJi8qMvsZeLXZwQz7Lle0S2_fK_bz5eZ6IMtMcUDEEKJ8rtnOXurUFOIfsJ1simwMNX6cjM9Ws7PgEHwafkMVlapNVoTd3EH0eljfG-wFcwQSnKXJcd5nzaJ41hbBMTJ-ZA2FXXZsNM_g-iuI_dAS5bL9-um4lCdGoLNpWLMeK13Nw_rt9lVMDUsijyu049abnTCT4&cid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

cafe /

Resource Hash

7141e4ec807e869b2bd436ff778acfcccafdcef7182ae50e2e5fc9116dc84e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15826
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 50E5 0
0 54ms
53ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cuolnxf5MYsWKFsa73gOniqGYDPOayrtn2OrmrcMPh6ibzIgKEAEgxZ60HWCV4qaCsAegAe7JlO8CyAEFqQLjpLaZ-EuyPqgDAaoEjwJP0LgOZxSNb5yT1gCV3h7nUb2xUUVdSyLx_GdthjxukQxLHu9jUi1S7Zs_ESPtjXCW8hF4rB1YPOBnPOpS3lZbuNGwMfdrGI4DqCX5GkkRso6Pqp4mw5m8xMTJRE0-oWg_siEmllKhXi3NFlnOZWZRiZRAGt9-Idn2eVlvKPKAHkbUz9Hq-yd13J1exatwh2QGF14VeOmFZrWp78a9GXxkXDIH1brdkmEC7fbdtg_L9JTxsmPuRAVdaIKtLKnXEoxjHntAlg0i8ccoZIo68DpUiM7UGTEiJK3NMcW1M0DovhcZMhXWLy8TVCJVnBI7U43rOqLbEh96PaXy9OLjckFxAi2kHgU99uYO6M5HT4O2wASHpY3w9wPgBAOIBer5-ME6kgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAf6teuQAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMnLQhi17ti-AdIICQiI4YAQEAEYHYAKA8gLAbATtePjDsgTu-D83gPQEwDYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNDA2OTY5MzI5MTM5MTI2NxiKph0&sigh=-757rNEAT6U&uach_m=[UACH]&cid=CAQSPgCNIrLMjbEbJ4iP7LjbkKuS2k-3pvwH1y_tpTPn76GOIHM5wWtkA1ubDQd6SabBRGoM2hlmZcedIeEt-DmV&vt=10
Requested by: Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 50E5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b81f315e74b790047f70ce5797dde99ace3dfc42a24b810b9dc79d3beb21e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 145 KB
51 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c526894418a500d80d670743554894db03728c58ae40d076c7e058d8f2a818ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52632
x-xss-protection: 0
server: cafe
etag: 15605635398153732782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 02:45:26 GMT

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 341ms
102ms Preflight 3.212.253.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.253.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-253-181.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.onmanorama.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 06 Apr 2022 02:45:26 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 97 B
653 B 40ms
40ms Script
text/javascript 54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22DE%22%2C%22mb%22%3A%220%22%7D&callback=cb1649213125609_2

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1649

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-90-159.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

1cc300d92b888739e0466d8ff44ff6c18d8f4b86dfa5e1d2807141d279e6e036

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 97
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 103ms
103ms XHR
application/json 3.212.253.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1649
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.253.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-253-181.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 06 Apr 2022 02:45:26 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D9D1 22 KB
8 KB 22ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 112232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 19:34:54 GMT
expires: Tue, 04 Apr 2023 19:34:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/520/ 43 B
1009 B 89ms
23ms Image
image/gif 51.195.5.38
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/520/9.gif?puid=52ad677a-c8a6-41a1-8989-e128e4cb2a40&callback=https://collector.effectivemeasure.net/sync_webhook/mediarithmics/%7BID5UID%7D

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.38 , France, ASN16276 (OVH, FR),

Reverse DNS

p16.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 02:45:25 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1

200
OK

3e1b2584-10ec-4121-9026-124aa63dee42
collector.effectivemeasure.net/sync_webhook/carbon/
Redirect Chain

https://eus-api.ccgateway.net/v1/s/narratiive-syndication?puid=52ad677a-c8a6-41a1-8989-e128e4cb2a40&rdurl=https://collector.effectivemeasure.net/sync_webhook/carbon/{{ccuid}}
https://collector.effectivemeasure.net/sync_webhook/carbon/3e1b2584-10ec-4121-9026-124aa63dee42

35 B
288 B

41ms
40ms

Image
image/gif

54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/carbon/3e1b2584-10ec-4121-9026-124aa63dee42
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location: https://collector.effectivemeasure.net/sync_webhook/carbon/3e1b2584-10ec-4121-9026-124aa63dee42
date: Wed, 06 Apr 2022 02:45:26 GMT
content-length: 118
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

google_gid
collector.effectivemeasure.net/sync_webhook/ddp/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEMrgUL2ZtLhfqcEYSa-4v1A&google_cver=1

35 B
288 B

42ms
40ms

Image
image/gif

54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEMrgUL2ZtLhfqcEYSa-4v1A&google_cver=1
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEMrgUL2ZtLhfqcEYSa-4v1A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

642d624c-fec6-4500-af6a-f0dae29f47b5
collector.effectivemeasure.net/sync_webhook/mediamath/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID]
https://collector.effectivemeasure.net/sync_webhook/mediamath/642d624c-fec6-4500-af6a-f0dae29f47b5

35 B
288 B

39ms
39ms

Image
image/gif

54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/mediamath/642d624c-fec6-4500-af6a-f0dae29f47b5
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: MT3 4320 2f2dfe5 master zrh-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://collector.effectivemeasure.net/sync_webhook/mediamath/642d624c-fec6-4500-af6a-f0dae29f47b5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 06 Apr 2022 02:45:25 GMT

GET
H/1.1

404
Not Found

/
collector.effectivemeasure.net/sync_webhook/lotame/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://collector.effectivemeasure.net/sync_webhook/lotame/

0
274 B

40ms
40ms

Image
text/html

54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/lotame/
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://collector.effectivemeasure.net/sync_webhook/lotame/
expires: 0
cache-control: no-cache
x-server: 10.45.26.176
content-length: 0
x-consent: absent

GET
H/1.1

200
OK

4294400440322830498
collector.effectivemeasure.net/sync_webhook/adform/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1181
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181
https://collector.effectivemeasure.net/sync_webhook/adform/4294400440322830498

35 B
288 B

40ms
40ms

Image
image/gif

54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/adform/4294400440322830498
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
server: nginx
location: https://collector.effectivemeasure.net/sync_webhook/adform/4294400440322830498
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
338 B 141ms
40ms Image
text/plain 46.51.146.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=narratiive&partner_uid=52ad677a-c8a6-41a1-8989-e128e4cb2a40
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.146.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-146-69.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=48 t=1649213126
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

75360393-8e64-4f14-8b75-306c2a86f8fc
collector.effectivemeasure.net/sync_webhook/ttd/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1
https://collector.effectivemeasure.net/sync_webhook/ttd/75360393-8e64-4f14-8b75-306c2a86f8fc

35 B
288 B

40ms
39ms

Image
image/gif

54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ttd/75360393-8e64-4f14-8b75-306c2a86f8fc
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://collector.effectivemeasure.net/sync_webhook/ttd/75360393-8e64-4f14-8b75-306c2a86f8fc
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1 200
OK salesforce
collector.effectivemeasure.net/sync_cbpixel/ 35 B
288 B 50ms
41ms Image
image/gif 54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_cbpixel/salesforce
Requested by: Host: www.onmanorama.com
URL: https://www.onmanorama.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-90-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 100 B
552 B 93ms
42ms Script
text/javascript 54.76.90.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221649213126251%22%7D&callback=cb1649213125609_3

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1649

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.90.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-90-159.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

0f547e9161f7a6d3696e5aeea5290f31dcd09c78019ec5f3cdd4d42c855dc6c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Apr 2022 02:45:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 96
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B0DD 60 KB
24 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Apr 2022 02:45:26 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/js/ Frame B0DD 3 KB
839 B 21ms
19ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d6b0e748a63b28027344dd4121a4b705e5555587b56178edf920c1f6abde294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 10:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 810
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 10:40:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Apr 2023 10:16:11 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame FFCF 222 KB
61 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:32 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FFCF 16 KB
6 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FFCF 96 KB
29 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FFCF 5 KB
2 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame FFCF 42 KB
13 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 63293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Tue, 05 Apr 2022 09:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Apr 2023 09:10:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FFCF 6 KB
670 B 35ms
33ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 01:43:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Apr 2022 02:45:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 02:45:26 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FFCF 295 B
319 B 20ms
19ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 60741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 06 Apr 2022 09:53:05 GMT

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FFCF 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 07:29:48 GMT
x-content-type-options: nosniff
server: cafe
age: 69338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 11660698925711390587
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Wed, 06 Apr 2022 07:29:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FFCF 0
0 33ms
32ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQGhMHecPl7NlXR-5wHOfn3actQWje3jN3hxtl2JpjF889tMr-Y5HvqN2raGVlH317hD4DtYOSbAN8HOiF9xtNbk-nqQ
Requested by: Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FFCF 0
0 60ms
59ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CITO8xf5MYrbKJ4nF3gPiu4q4DZi0nYppzer4grgPlOL-lushEAEgxZ60HWCV4qaCsAegAaeryJ4CyAEJqQIOqMvSYEeyPuACAKgDAcgDCqoElwJP0JUopKv1ULhBCIyA7TVdyX93eD0LbcDD59qAApKxm3X6z_-9qUqNrgZy_oSbPX7E_a2ERtVxvioSvGUyL_hYHBUNK4Q_-_i98xs3phy0KeCwE5ybsZbYlYrHzE9b7bsE7xkvc7ytCogwPfcAm1vcZlWuDlB-RJBATHr5A0q1JJgArwm7abxMKVdUOz-rfdiCkxUgmaLZznxq6DDYbzSEqWNZ4d_65xKuKQN26y7oazCp5P2X2mBxT9Gvqc2dmBhvI-3c5FRrPGocD0KIN9FCf0Stj275pflbegiUGMa_9qUG6bIE5itV_XLS1rUUf3_71juLQqp0yfDRmdvanpNiJmyUs9wJpG5bB88i5nIlqDH6qbBgok_ABPnazbeABOAEAaAGLoAHwdS34QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBChkxjSCAkIgOGAEBABGB2ACgPICwHYEwOIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDA2OTY5MzI5MTM5MTI2NxiKph0&sigh=oPU3wEIhTyw&uach_m=[UACH]&template_id=484
Requested by: Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmanorama.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmanorama.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/ Frame F429 10 KB
4 KB 21ms
18ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 8050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 00:31:16 GMT
etag: 14837630671339829333
expires: Wed, 20 Apr 2022 00:31:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5039018416640417640/ Frame FFCF 4 KB
4 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5039018416640417640/downsize_200k_v1?w=195&h=102

Requested by

Host: 946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
URL: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

617904b24324b280bee029db665e34fbe517cedc61ed4f7e6244a25c0ae993bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 23:35:26 GMT
x-content-type-options: nosniff
age: 529800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4400
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 09:40:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 23:35:26 GMT

GET
DATA 200
OK truncated
/ Frame FFCF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dde3ddb8681ef3b8d89203923774f5449939ac2ca5e7ca7a8bff1927b10d5ebb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 50E5 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 13:10:14 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 50E5
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

103ms
17ms

Fetch
video/mp4

2a00:1450:4001:6f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/107E1F2B4D75BBD9D61470D37F1C13058464C111.34AB4699E8BB26B12AF2FB8723F16949D8FC3D2B/key/cms1/cms_redirect/yes/mh/LX/mip/2001:1b60:1010:3:1012:c6cd:a5f8:364f/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1649211183/mv/u/mvi/3/pl/29/file/file.mp4

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:6f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 02:45:26 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2722746
Last-Modified: Wed, 29 Dec 2021 00:47:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 06 Apr 2022 02:45:26 GMT

Redirect headers

date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 668
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/107E1F2B4D75BBD9D61470D37F1C13058464C111.34AB4699E8BB26B12AF2FB8723F16949D8FC3D2B/key/cms1/cms_redirect/yes/mh/LX/mip/2001:1b60:1010:3:1012:c6cd:a5f8:364f/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1649211183/mv/u/mvi/3/pl/29/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 50E5 0
45 B 274ms
50ms Ping
image/gif 142.251.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l1mywwfe&c=3958162798111&slotId=1979081399055.5&qqid=CIWB_NO1_vYCFcaddwodJ0UIww&fb=outstream-lima&gpm_i=10&gpm_c=10&gpm_a=10&smb=1000&br=892&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=14&vhc=0&msm=1&aits=17%2C36%2C18%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C0&webm=2&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.18t
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lb-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FFCF 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 27937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FFCF 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 16:37:56 GMT
x-content-type-options: nosniff
age: 36450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 16:37:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FFCF 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 23851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 20:07:55 GMT

GET
H3 200 V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js Show response
pagead2.googlesyndication.com/bg/ Frame D9D1 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 09:52:56 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/ Frame F429 19 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fec7c1c795f22f7c075d8e6906ab81f59b4c4a8f56409861709e0493fef1587c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 8493395584220102122
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:05:32 GMT

GET
H3 200 17678427974767495997
tpc.googlesyndication.com/simgad/ Frame F429 10 KB
10 KB 23ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17678427974767495997?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn7crmtDnVw0Ngi0yrvPxPFnnejJw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22bbac2d7a5bfb79a2244d2c92d9690759fd2b2e109c3eae28dbfeefd13e697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:02:35 GMT
x-content-type-options: nosniff
age: 103371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9834
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 15:58:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 22:02:35 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame F429 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:26:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F429 119 KB
36 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649071906742826"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Apr 2022 02:45:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame F429 15 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 02:43:41 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame F429 29 KB
12 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9097839e8760c5d8bce47d6e1f3c7d70ea5e9f9daf3186cf9e1628053dbc3b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 20:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11859
x-xss-protection: 0
server: cafe
etag: 2076209056752321960
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 20:43:58 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59A8 0
26 B 64ms
40ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn5l_f0gPm6-RBYJJiGqM8l_slARtAzJc4IekofJ4fxqomEySIk3aqWs-A3BeFnZ6R3dh3zCT5PoiGwPRqoank4idj0iOHY1iF2jqx_60SXmbj9vtVWK53IqQYdUkVO1V35x7ZshRVOrH4e0ZhRmiaFBSqWB4PTtKS5FdEnzheE-xlUINv3M1-0DDc1lNIRHwFK2L6s57ov4ldgJpuTrbL0zxlmuIc9VxRtwB6vxsii4HXb6mfOvK9a9HGI-fYnV4JohA5ZTMrekyw1-NQUyvPY3-cBzySsmv1m6OyUo40fDZ_OgaVRxVbDsus-7Ne8Jgh3rvfdmGc3i2dcI92JTAPxaorKL8cPUpyiEkY4fbMx66aMWjpS39wBStWMt8qZ73TLm055WfSqhrrRPmVdAfJ9PQF7h0WZkzD02UQk4bMBbbXt7LCHuTZax2GT7F6YsemcdcWUaH9DksPExJOVmr5iGnGLC4pAvDfCps2l5wPZC4DOm237elnkjzurwtqyR-wi-x6C74OpPoJX0cDuqOx96HKKr7myAEHBe5ud33_FX0v0EbkI5P7FUF9roRz-Jg3NMYYzoPW5f1SehmbiS1AbRqyvDshZQ35_dVhq5zjfjUlHJVxZC9_H7Of6Tb8hoEVeqgNMTuirbdQyrONLKCFhVP0u4Mw5jhcBuKO4gSvbLuVW1iD8hjCeoayNjJaIiDuKG77BEXy1wJZyc6RN5YJjAJYjRFCQ5cjU6epQMInAe2JclI1Q-DMnSKoqQzIlE_N8D6nqeP-ZhGAQ3dHBBVrEM8CsOpZGCjGVY6XNntS548Tfd1Pm5fBpuYv6l_ncKdO-asWvvzN0BPdzeGXMihTcL5v1k7QlZhjZSTZu8dD73T6HmqyrvyF6nTpYS_1Y-LO5b9P8AW0A4pZuwiaAsmcOk3P65EkEO6_lwmV_JEXiVlgK8pqK0tuuOZKIc97x5QFdqvdWSb4qPkTggcbEQ61Vf-VSOyTbP0cQdhapMslbNMF1blzPjgF4ZCaWpIt3CntSPslx-x9DJx55tfHxbBz4IKnpMhq1rAl0-M4ZY281K-bq8C58pWllFAWUtSKodph9xuBtwptXy6zZOcrozTyKpIT-uyalbNTU7W73H4BDMzsT4J38LevqX9wO2P1HzlVKpeMCqNe-fjnIv6HyomydN-vwlkYVGzeqQyFIWqkNGijgFLcGmXhLUDBvVwl3_wBZBOP3noIRNEMt6y7RDAg9Da2GdP27v_V-GlVS4nBH_jnHNguwfUD1Zc5-vE&sai=AMfl-YRVsRGPtJeXNt_skWc5ZTNKJSoyg2ROd_rlhKJ7cdckiRM3ILIMyomH5V4UIojC4Y7MOdbGEQCHLjnkk_NAYCYo564vzhYoGCXSd7khM7y71UGmYGVhGZPJvvgBBHUiXKjOl3hQktLhtcRYmM5s4lgZdqGB3UHJFfiIoPmvHUSJJsZu3K-nMUM1-rbFN-iDaik5a29X1u3t7DuWQIIKrRhFMmGS8MPYGg&sig=Cg0ArKJSzEnKvbNZ21nHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=638&vt=11&dtpt=378&dett=3&cstd=256&cisv=r20220404.98388&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6D8B 23 KB
9 KB 19ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 414014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 07:45:12 GMT
expires: Sat, 01 Apr 2023 07:45:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3924 143 B
163 B 19ms
18ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 2292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 06 Apr 2022 02:07:14 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D8B 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 07:17:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 07:17:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3924
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

35ms
34ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Apr 2022 02:45:26 GMT
expires: Wed, 06 Apr 2022 02:45:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Apr 2022 02:45:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 50E5 3 MB
3 MB 39ms
19ms Media
video/mp4 2a00:1450:4001:6f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.onmanorama.com
URL: https://www.onmanorama.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5bf285418fde8cd797cd4911fe5d156740917544bb6411da367d030c5f48cc3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2722745/2722746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2722746
expires: Wed, 06 Apr 2022 02:45:26 GMT
last-modified: Wed, 29 Dec 2021 00:47:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame 50E5 0
54 B 50ms
49ms Ping
image/gif 142.251.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l1mywwkp&c=3958162798111&slotId=1979081399055.5&qqid=CIWB_NO1_vYCFcaddwodJ0UIww&fb=outstream-lima&gpm_i=10&gpm_c=10&gpm_a=10&smb=1000&br=892&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252Fe6f1538521bb0188%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3785186846%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F392638537BC7A1E2D4E356B522BC89FD0032D05E.6FCD9186B7CDED73B4568A3A7840EC2C9D76CADB%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lb-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3343 35 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 09:52:56 GMT

GET akam-sw.js
www.onmanorama.com/ Frame 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 62ms
32ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022033101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

132deb47a61f43c75e7ff96cf7e095e38c3dd56e0c5772052d80fb1cb3a7dc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Apr 2022 02:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10794
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=2B03B67EAAB149F78225123669D0A2AC&RedC=c.clarity.ms&MXFR=3ADA1F12E72864C904F60E6CE3286A45
https://c.clarity.ms/c.gif?CtsSyncId=2B03B67EAAB149F78225123669D0A2AC&MUID=0EFE228B06386B6A320B33F507536A93

42 B
368 B

38ms
38ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=2B03B67EAAB149F78225123669D0A2AC&MUID=0EFE228B06386B6A320B33F507536A93
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3C54BD4CCFA42E48F1489294BDB271D Ref B: FRAEDGE1517 Ref C: 2022-04-06T02:45:27Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=2B03B67EAAB149F78225123669D0A2AC&MUID=0EFE228B06386B6A320B33F507536A93
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9D1 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDfKIxf5MYt24LtGRjuwPzpWbwAcAAAAAOAHgBAI&bg=!DA-lD0vNAAZku-1yRLs7ACkAdvg8WgcvDwjkiBJ3a6chA8x-fju8ii2VOBhxkmkgiTCYPZfh-AMndwIAAAD5UgAAAAJoAQcKAF3UC4svKcFMur-DZi5tyvuCZXtPjYib7QRPER7ZdlYyfRAYSBWDRStZlqvku23KupGPzBAeXCgYP_pt1KhU0NnZ7-j8Fo_xrITgSU99IdBEDXbXwuwXM6peWzac_JeZAzc52UuXkmXVJYrSph69NkJvQrtl85SL7iamj2nrjOOOM_VozdeHxLOc5gtwUCzrzheoU2LoX1mgUqTgVvAMlp3PjCovHI3cn5GTF7CVobf85Ox4Tgr6j10oL8pZDc0Xf4UMJ9HvuB3KPy3hcGCmWSQimtR__qSMd5agQ7TnLODKlVPj0kScHqsJfeDbGVjWIoguvc2pcV2ERaBIOTK8Q1pQsq4RIJ0pSI_FG1S0y4gt63DHPKD9QfqOjjAt5erd_yvvFpte5enNAGMhrtHVU6gpBTcM2g9AMzcgWNUPcd3PTtXxJvULWXMNj_-Hlvi7L_udxOkw-hYBKXwvCz0VGQfWHrwkkTnRKw-ia5rErqJo7r46CyOPL72rp3z_XMgJJL__PM5maQLAHAjzpPCoWIFnvQZOLA5YoRUZwIEBdRJL_TDuFnNYLG4jBrwiuaVaFd1jvASh7Tq0GX8jptriJlS9l33ZYHaStN7qMxoXrtTSZDqnUlHYZW6H31yneRmXlU6lK_L9ULjM6ZTZ3dP3TpAG8RzNstYzCEccV_KX_873ZQPfC_y1LBmEqg1wxZVZJ0bN2dub6hKD8dpRpB6s7be36Q0X1R3_LlJYtwOxg2mM3INdt25b6eUccUNbZOrM1qq5wVEGetRICp6aX7ygPdEy6oMmITpA-LwVxEECtZ9Ur7_OySvwbtwbGFFRFAe4N185eNJ_uF_qISiFY6BIN997Nx588JHdDbwdIDFnmXly29no-aI2jzN-olT16StnBzLhpOjzy06dVV5z0WzhV0s4LaKPPWd9lqntfnUmY0lNyCgY_TUBtRKsS0hjUZWAuhQtHWodVKkowC4IrXE1lOESbfxG3Lu_s0rizuazncDMGkP2YGs1R5il1lg62ku2zRDhOP3U_XdbVbvsq8p-WmEDR62T4xigGg4LZ0cIunLj4lN6wIcbBPwJg1A6IP9u5qY3lj5QxOkgB2PxhLiNZWUTO9u3LAgvyxAbD31AYOYSRmGsalX_ig4CHIKm4otxKcekbhzF9qKPEQZSm928Ztimgb2hj7AtsFjMWinZ02PUoSuAVdmLOb_tyMW-DnHaebO9iCdGbTQe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI45611LX-9gIVOEIdCR2qYAV7EAAYACDgwJtOOhoIxNGIkQEQh6WN8PcDGLvg_N4DINjq5q3DD0ITCIWB_NO1_vYCFcaddwodJ0UIww;dc_rmcid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw;eps=CIjhgBAQARgd...
ade.googlesyndication.com/ddm/activity/ Frame 50E5 42 B
107 B 129ms
64ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI45611LX-9gIVOEIdCR2qYAV7EAAYACDgwJtOOhoIxNGIkQEQh6WN8PcDGLvg_N4DINjq5q3DD0ITCIWB_NO1_vYCFcaddwodJ0UIww;dc_rmcid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1649213126839;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 50E5 42 B
64 B 32ms
29ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C4dDIxf5MYsWKFsa73gOniqGYDPOayrtn2OrmrcMPh6ibzIgKEAEgxZ60HWCV4qaCsAegAe7JlO8CyAEFqQLjpLaZ-EuyPqgDAcgDmwSqBJICT9C4DmcUjW-ck9YAld4e51G9sVFFXUsi8fxnbYY8bpEMSx7vY1ItUu2bPxEj7Y1wlvIReKwdWDzgZzzqUt5WW7jRsDH3axiOA6gl-RpJEbKOj6qeJsOZvMTEyURNPqFoP7IhJpZSoV4tzRZZzmVmUYmUQBrffiHZ9nlZbyjygB5G1M_R6vsnddydXsWrcIdkBhdeFXjphWa1qe_GvRl8ZFwyB9W63ZJhAu323bYPy_SU8bJj7kQFXWiCrSyp1xKMYx57QJYNIvHHKGSKOvA6VIjO1BlpI4axxQtTh6HFPQhy7YRIZN0JrqZ2hkxp66uY9zAB0TsHt_BtiSQQVWRvab2JTji47W_zIvBJp-HmQnzmqsAEh6WN8PcD4AQDkAYBoAZOgAf6teuQAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATtePjDsgTu-D83gPQEwDYEwqIFALYFAHQFQH4FgGAFwE&sigh=sKk7-1Zn-5M&label=part2viewed&ad_mt=18&acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1649213126839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 50E5 0
27 B 50ms
47ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgM2R2FRjcdczuHrmNerDIJIsdrZ-S3Dtaf6o8bzOumHuy6RI0A5Ts1GUjI-9zuaipbtKnPCx-_fJN_KWaGC7Tq6Vldxopo50B7A3BhUB00wPQyk5FF1wmLUjY8n5mtRvYl5p3XhyNrYUqE_wEYrd6NSmzU4n82FvSWSgWWaUWhC1uNw3-sblKhrNfXt4EINmPZH-JrdDb7iCb_VSLTv2vVoxVzROHLCLlOAW8Co5LuRjsn70RhDmfVgnhzqJlYN_bT0zj4KmxtBoqhmLJpMHFPrqNMRV_zgpH9nEhqhoZ1w8Dth_aaRUvWIeq9vbzB514wqjWOVsgJ7acPWpIyi6xvzuuBAo9ReSGruDMyEkRmwgYa3FCBbdChSmOX3XH1JiVkI9Y6HyJKMdj_W0r8JvK29PH_x3oRfFfQSKYJ--KqwjIM5u4lAqntaMXtiSERHM0G15CZ1XinLmHC851C3Mh9G_DE5NYVY7gFJ-oN9d3thUr5uANFB3O7-dYHu0qWCpkoxAkfLZiKhLLie5KQudSBa299g95WfwFdnJtNCKk6f7qJYITHUp9Mo2tmVhv5kCzHMqZc_YWBd8w9cdCPMVj-yGD1mgf0GwffsX6W3qvmpfLXe-WPIFCDTyUccW6qX3yc6YT6cxjOuuJiqAT9N3vtJvPColfkWAq_eARzTfg0xECrb88oIbP2QfXan5tRAaT-hWl10sOu7paBk7wkt36D_-dfoxXHMOPVx50DKeoXEd8O9bYIVgIB-unBrTQgveW-v2Jo0a3tz6uj_1ye0vXwIkIpAqttw1Id57ecXXJ_wPLUo_RMRq8lbPmCfSieXgmD2nsOjFNFmr61ZIudOVzJ7x22q5vSYXEM8XRIR2hgExmTJcKbdzRCJ9tgWJ2iLr53wep-TvxuCdmCDdK-7StA-RRDd1YEILD_QXu7ShJU6rtU5yXnS7_7vmMoYQWUgSJn8fv2cEYsRyyNHnkfmIXWVXbGxxjlp1X1wdHJXltFGtyb1Glu31LqUJVQMf4ZmVQcnbpogE4IT1VkToPyHDe6Rs9tT-A418t_XEjFJ47WvbwoADIg_wCc-ejDUO0EFfAWXrwy4XkyNCbikFs3VEVHvtttjCyUZDljDgohLQg8BPCa-tR78V1FQeDvq8c39rxXPHDYKIHuRAdyAeIN7n_F2IYCrHRoRDcTAcsZe6ftZmnJKF7zKM_&sai=AMfl-YSxFFNm2uvcbAtN_YjKkRM0ecQ4x7nu2yuSfMfmIxgbm-5LBNAnfkwUVqnocnBEBVhwkCdo0lqeX9OX9x8De_T4SrWx6GN0wEHmFqSeJPp9rsBlj6TQ33ZhPFNzQOP_gfy6iple_wk73PxG28dk8-f-TEO4vozATcnJAoX1Ul4foxn4npi0y2_XsUbe0Ii0u5EAQXn3HwfuYnkYkY9vqKRYdBFMpCs&sig=Cg0ArKJSzA_KdczyryhXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 06 Apr 2022 02:45:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 50E5 0
0 36ms
33ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxrjnARi17ti-ASABMAE&v=APEucNUGj_FpRzdJMerqImOkOhfBD71pS11lqjtpAESFiBACTVwcQuc2hxHADa4rv6_heCjDIuo-siCbS0645-x2UVuWGGtJhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50E5 0
20 B 55ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI45611LX-9gIVOEIdCR2qYAV7EAAYACDgwJtOOhoIxNGIkQEQh6WN8PcDGLvg_N4DINjq5q3DD0ITCIWB_NO1_vYCFcaddwodJ0UIww;dc_rmcid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw;eps=CIjhgBAQARgd...
ade.googlesyndication.com/ddm/activity/ Frame 50E5 42 B
494 B 128ms
64ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI45611LX-9gIVOEIdCR2qYAV7EAAYACDgwJtOOhoIxNGIkQEQh6WN8PcDGLvg_N4DINjq5q3DD0ITCIWB_NO1_vYCFcaddwodJ0UIww;dc_rmcid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1649213126839;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 50E5 42 B
64 B 45ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSU0yRhkg09x-6Xi5Z-T0SkKkkHYroY6_Q-gHpw527GFN-mpfNcreh1GRw7oJiXeB4gU3N6n3MkmfLZasQxq_k8gKE2pX5WK0j_dMIQDIvG7oiLbUUOA&sai=AMfl-YRlpuypqEqDDSSUPvIHlBn3g_-rrUw_CQ1UDl091LID6VUpQ62NyUljg3-MiAiwAA0oaFTw8hy4BBCMWPLEVnTWDq4euLyD9CS9DvfS3ygi7Fb2teZjW_AVDIoYIfM&sig=Cg0ArKJSzN-iVMiG34WhEAE&cid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw&id=lidarv&acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1649213126839&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 50E5 42 B
64 B 36ms
32ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C4dDIxf5MYsWKFsa73gOniqGYDPOayrtn2OrmrcMPh6ibzIgKEAEgxZ60HWCV4qaCsAegAe7JlO8CyAEFqQLjpLaZ-EuyPqgDAcgDmwSqBJICT9C4DmcUjW-ck9YAld4e51G9sVFFXUsi8fxnbYY8bpEMSx7vY1ItUu2bPxEj7Y1wlvIReKwdWDzgZzzqUt5WW7jRsDH3axiOA6gl-RpJEbKOj6qeJsOZvMTEyURNPqFoP7IhJpZSoV4tzRZZzmVmUYmUQBrffiHZ9nlZbyjygB5G1M_R6vsnddydXsWrcIdkBhdeFXjphWa1qe_GvRl8ZFwyB9W63ZJhAu323bYPy_SU8bJj7kQFXWiCrSyp1xKMYx57QJYNIvHHKGSKOvA6VIjO1BlpI4axxQtTh6HFPQhy7YRIZN0JrqZ2hkxp66uY9zAB0TsHt_BtiSQQVWRvab2JTji47W_zIvBJp-HmQnzmqsAEh6WN8PcD4AQDkAYBoAZOgAf6teuQAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATtePjDsgTu-D83gPQEwDYEwqIFALYFAHQFQH4FgGAFwE&sigh=sKk7-1Zn-5M&label=vast_creativeview&ad_mt=18&acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D17%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1649213126839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 50E5 0
54 B 350ms
49ms Ping
image/gif 142.251.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l1mywws8&c=3958162798111&slotId=1979081399055.5&qqid=CIWB_NO1_vYCFcaddwodJ0UIww&fb=outstream-lima&gpm_i=10&gpm_c=10&gpm_a=10&smb=1000&br=892&mt=video%2Fmp4&vs=640x360&dm=20000&event_name=first_play&asset_bytes=214514&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1ly~videopreviewstarted.1lz
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lb-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066949

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Apr 2022 02:45:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A44 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 11167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 23:39:19 GMT
expires: Wed, 05 Apr 2023 23:39:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 65BC 783 B
535 B 36ms
35ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f27da0bae57cb1ee192f30f4c4c63d8062eb78a241092e9667bc668dc37e2539

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nN1aE55RZOi55Z/JLLGa6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-nN1aE55RZOi55Z/JLLGa6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Apr 2022 02:45:26 GMT
expires: Wed, 06 Apr 2022 02:45:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D8B 0
20 B 67ms
66ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B1Wzcxv5MYuOjEriE9fgPqsGV2AcAAAAAOAHgBAI&bg=!X1ylXBjNAAZku-1yRLs7ACkAdvg8Wqowc_GOWoMdwby-85Aq0nAhH40zNPdZyfCr4JQC3ZHPHH9nLAIAAAENUgAAAAJoAQeZAv4qBLfE42PoYSOFdYITSs2uyGduGCjsObHE3XTh0Vp_x86WFmMeXQqMIxMUfiXw7zCDj9KjVew3nI5TSBzf4nNStu6g4Hfn4mSfEiPcOqNXzVjCstYz0vYcKNq-Jzbf2KejtXcd8Xgkv9AV4U1SCygDlLRQtzQaY012_HJnqSiwN-P-pBILau9-IR_jJoaONJowpkBARCT3ZljdbXgqQUHHGFozwlyX1Y26LYwWol-1fCFAArE035WLsWN878yeMhWz53KUIxLSuROn_jrDZP4LFrj4M-6XKehiZqlDMVf7qAe8oAWbxLiM8grbtJ6XKY1HCgAQ7hdSzgSBES4Mx98hrK5spJ6noRdWef6jTm2Mha67i9g_KPes_eYvwvxh8oQXRgP36e4YEbpU0jrYKYAPYGXvXQ7bk-VJ7fvZY7vMcZV8DP3pg6gKlVdGc3cYIq46EukVlkGiGoANoUM48ZKfI4EhkR21UF_mq-BYATOe58Va3W4uN4WUESMC88gLPwUtr5-ZcHaVgsychsNWrMT9r40QRW5uYzNONBDWQZ_dVPU9ddSAtqzxv0Ytvf1nghIDT-NeRZpeMWXU4LFTpcLBXiME-Ce-8I2SLT1vbtvC3B_ZGm0AbPgoOvVnhUQKo3j_LM9tJpFPnvPqe86qsCsoDmXHL5sJhUpMF5sZkMdcu5cRODh84EOyfNYikJJgXYbhgvz0DVXIt1K3-3nhfAJ9HPrjUaAothxYVDZoTejPyP8zZT2g1E-_dzzn3nJhr99PIPtL3DOLmydXoH037r6wUW5iweAS23ro-KzUJCaZJij33eBBEZepKZP53-Jq9Y_rlU0yrMYUFGJ9ukvVSbcVjLkUWLkeSjS8b9Qk16l5Ub7qDgK4x8FPSziKLkR5VZNyxQKDTipfARA-sbckJTkhxXdfbzipiq-QvtjeknTkrXSsEQhWwIvkja3LHFLsKRjtgjJUPskpAbU_tEq_Ct8yLKMAz4hNmaax6faxRb4KHF3-yWkjSHY1FUev-MQL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

results.txt Show response
3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net/eum/ Frame F14D
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pdafhomjz
https://3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

382ms
18ms

XHR
text/plain

92.123.194.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 92.123.194.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-137.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 02:45:27 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Wed, 06 Apr 2022 02:45:27 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net/eum/ Frame F14D
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pdafhomjz
https://eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

330ms
18ms

XHR
text/plain

2a02:26f0:ef::5c7b:c244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:ef::5c7b:c244 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 02:45:27 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net/eum/results.txt
Date: Wed, 06 Apr 2022 02:45:27 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 65BC 0
0 69ms
69ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022033101&jk=472305527291753&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A44 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 09:52:56 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E651 42 B
64 B 43ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstimEz2TtB6SiHQ2LEME2byA09BCRfMLHsc3KZwcbW8BpiEopYp8bnAPBgaaljOEjn2g4HGcel9fHJS69cur6LH-A40q1j7SzHt6OyLGfS18AsMA0KFjg&sai=AMfl-YQYn0lw1ukeqXmnGk-BJB8bj4R0IDCl0RoCC311Ig1sVyjTEIX3cIAar9zsr9GODB1mHAMcAcPhQCsuRJITlNV8Jk8qA0e4I8QKprKsROiF8Xzy4aY0C4xDcOWw5hY0&sig=Cg0ArKJSzGiYwcPw559EEAE&id=ampim&o=315,10&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,0,1006,1006&tos=0,0,0,1006,0&tfs=595&tls=1601&g=100&h=100&tt=1601&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1569053239

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9A44 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o5Y6AQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 02:45:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 103ms
102ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://www.onmanorama.com
date: Wed, 06 Apr 2022 02:45:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 204 /
02179910.akstat.io/ 0
204 B 36ms
35ms Ping
image/gif 69.192.160.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://02179910.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/J3MDQ-48JJW-ZLEFB-4N52D-G4L2D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

69.192.160.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:27 GMT
content-type: image/gif
access-control-allow-origin: https://www.onmanorama.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Wed, 06 Apr 2022 02:45:27 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/css/ Frame B0DD 2 KB
463 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccbe0d464b4387917c023a5865c4c3c50724b4e471fd66759678dd5169f1fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17833318120023528681/18-IWE-eSUV-Leaderboard-728x90-Range_Phase2_2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 10:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 10:40:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Apr 2023 10:16:12 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
25 B 440ms
227ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://www.onmanorama.com
date: Wed, 06 Apr 2022 02:45:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FFCF 0
0 53ms
52ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTvtOxf5MYrbKJ4nF3gPiu4q4DZi0nYppzer4grgPlOL-lushEAEgxZ60HWCV4qaCsAegAaeryJ4CyAEJqQIOqMvSYEeyPuACAKgDAaoElwJP0JUopKv1ULhBCIyA7TVdyX93eD0LbcDD59qAApKxm3X6z_-9qUqNrgZy_oSbPX7E_a2ERtVxvioSvGUyL_hYHBUNK4Q_-_i98xs3phy0KeCwE5ybsZbYlYrHzE9b7bsE7xkvc7ytCogwPfcAm1vcZlWuDlB-RJBATHr5A0q1JJgArwm7abxMKVdUOz-rfdiCkxUgmaLZznxq6DDYbzSEqWNZ4d_65xKuKQN26y7oazCp5P2X2mBxT9Gvqc2dmBhvI-3c5FRrPGocD0KIN9FCf0Stj275pflbegiUGMa_9qUG6bIE5itV_XLS1rUUf3_71juLQqp0yfDRmdvanpNiJmyUs9wJpG5bB88i5nIlqDH6qbBgok_ABPnazbeABOAEAaAGLoAHwdS34QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBChkxjSCAkIgOGAEBABGB2ACgPICwHYEwOIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDA2OTY5MzI5MTM5MTI2NxiKph0&sigh=SpTZ4lcLsB8&vt=1&template_id=484&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FFCF 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssy44f-6BFBJvRSeUnoprd2anmSApD1oEVYvhqsBBtXBixryL5GWg60awdGVd_WyAuxpfWBFSNF9K4vrWl-R_VTk81HfAoT-3FJcd-8ydAtVhKzqoAmWg&sai=AMfl-YTAM6ZujPWoh6GJQUpLqQ-fVt23fXQFg_3fpIaOgx4koOh17EBnBjQa7yuP9Tm2jJFRHemJNTzELMStZArbyTK8Mdnb_aWeCIsuMICd5rTzBBieoZ41sqCeLRo&sig=Cg0ArKJSzFokMirw2GfsEAE&cid=CAASF-Ro5Qm5O_0tKR8dBR9Y3rtnDHOE8DN5&id=ampim&o=1277,1147&d=320,50&ss=1600,1200&bs=1600,1200&mcvt=1028&mtos=0,0,1028,1028,1028&tos=0,0,1028,0,0&tfs=421&tls=1449&g=100&h=100&tt=1449&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=4175618108

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022033101&jk=472305527291753&bg=!QkGlQQXNAAZku-1yRLs7ACkAdvg8Wm70fSQGmeUY8WXtUU9rpIzGN_ntzRVDm4_0FY3Rjk1rhZhzdwIAAAB2UgAAAAJoAQcKAD1_og6IVUtIEQe6Mue7Ml-C9Xwey3gUqpjoXUPAwVtaiU1_ZNAOMFPUhV1clvwaeaaWYlIbL1LSrobTDmGymQKjtPMMA143_wG-RgdyyTzs11IonH58Q1yolQnCdyR3d3x3s6k-ZX7Q8x_5D41O0PNWeGFZ_d0-XmSaRT60uJATMl82lOAAJd1tBkqzkd2SjiB9EwLtLeaRc-K1dEhlEpwdjTVka8zqLHjBWODFFjb5ZbGxyNK3YXJehvTwN_r4kG-aqbdixLNYjrFCOIURUo6ONLFd48U6folav0kBwPaptZusYcF-_Ot8o-5kRMOwN4hy15z5_Ejwk20uDSsgv9sTNlCgTf9IR1fjF502Tb1YYVddq_Yy3VA7Lgn7bZFa8AcHvtlP0jMbUUWsl8U4174AUfO83x1e0JYiBAfcRVoyRz16nKQSJhxvCWs3PF48ElGZ4myPZJhRIZYGNvJ8BigfPNWKVBXxdE1qlpjVYbiMNCadh08JoFjmqchPkFCPyDkjUN2dKChLA9GYsIq1q840Q1yYgtJaqv8G-T7BXW54S2ex7Cer-W7DBSCao0530aTlNfrRwjt-D_oJ45Ub7kMYdkNEt32MDE_616sG1v7cp7V3_erqiDJkbP4q_2eiEs6FuxpPHRHyykax3Ar6ZQAELwGJGMA9aWNZVbwwHE1hIQZ5FFrAFGZprUwhLXi6XO47pXf-8aar8dNUCTYEYPvjIc-E_ulrue-u8e7CTvvEMO1rFIsUYLyW0qwBFYbYMWAS4nmtJqkrUNczkD7RlVt_dBCpHWUzaWSpM2_VCwtxMFbLqw_T-mbPCK6OYYTPllhOX7kFfKg_LN5NVpreOx5BiM8-XmviERjG6Y7rdl5hRdfSGuXjkbq0TEAt401_gMWhPSxN5WChoXg4sk9jlwN76tJY4aSLdgr-Sxgdxo3zvLmAM8Qq6Zz85nExpFJnF0XIoBgB6KSZXEN2zzjqxpsyjbq8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.onmanorama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
scribe-news.mmonline.io/ 15 B
300 B 202ms
47ms XHR
text/plain 54.76.43.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scribe-news.mmonline.io/t
Requested by: Host: sdk.mmonline.io
URL: https://sdk.mmonline.io/js/lens-publisher.1.1-latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.43.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-43-248.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.onmanorama.com
date: Wed, 06 Apr 2022 02:45:28 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15
content-type: text/plain

GET
H3 200 dc_oe=ChMI45611LX-9gIVOEIdCR2qYAV7EAAYACDgwJtOOhoIxNGIkQEQh6WN8PcDGLvg_N4DINjq5q3DD0ITCIWB_NO1_vYCFcaddwodJ0UIww;dc_rmcid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw;eps=CIjhgBAQARgd...
ade.googlesyndication.com/ddm/activity/ Frame 50E5 42 B
63 B 80ms
53ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI45611LX-9gIVOEIdCR2qYAV7EAAYACDgwJtOOhoIxNGIkQEQh6WN8PcDGLvg_N4DINjq5q3DD0ITCIWB_NO1_vYCFcaddwodJ0UIww;dc_rmcid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2008,0,0,0,0%26mtos%3D2008,2008,2008,2008,2008%26amtos%3D0,0,0,0,0%26mcvt%3D2008%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2180%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D31%26pst%3D203%26dur%3D20010%26vmtime%3D2197%26dtos%3D2008%26dtoss%3D1%26dvs%3D2008%26dfvs%3D2008%26dvpt%3D2180%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2008;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1649213126839;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 50E5 42 B
64 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSU0yRhkg09x-6Xi5Z-T0SkKkkHYroY6_Q-gHpw527GFN-mpfNcreh1GRw7oJiXeB4gU3N6n3MkmfLZasQxq_k8gKE2pX5WK0j_dMIQDIvG7oiLbUUOA&sai=AMfl-YRlpuypqEqDDSSUPvIHlBn3g_-rrUw_CQ1UDl091LID6VUpQ62NyUljg3-MiAiwAA0oaFTw8hy4BBCMWPLEVnTWDq4euLyD9CS9DvfS3ygi7Fb2teZjW_AVDIoYIfM&sig=Cg0ArKJSzN-iVMiG34WhEAE&cid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw&id=lidarv&acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2008,0,0,0,0%26mtos%3D2008,2008,2008,2008,2008%26amtos%3D0,0,0,0,0%26mcvt%3D2008%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2180%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D31%26pst%3D203%26dur%3D20010%26vmtime%3D2197%26dtos%3D2008%26dtoss%3D1%26dvs%3D2008%26dfvs%3D2008%26dvpt%3D2180%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2008&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1649213126839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 110ms
110ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.onmanorama.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://www.onmanorama.com
date: Wed, 06 Apr 2022 02:45:29 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI45611LX-9gIVOEIdCR2qYAV7EAAYACDgwJtOOhoIxNGIkQEQh6WN8PcDGLvg_N4DINjq5q3DD0ITCIWB_NO1_vYCFcaddwodJ0UIww;dc_rmcid=CAASJ-Ro9P9cjEzlU2Aippanf9Vet19NipHG-WYwypiqIKEI-nkDNh7omw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D5032,0,0,0,0%26mtos%3D5032,5032,5032,5032,5032%26amtos%3D0,0,0,0,0%26mcvt%3D5032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5204%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D203%26dur%3D20010%26vmtime%3D5230%26dtos%3D3024%26dtoss%3D2%26dvs%3D3024%26dfvs%3D3024%26dvpt%3D3024%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D5032,5032,5032,5032,5032%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,5032;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1649213126839;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 50E5 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C4dDIxf5MYsWKFsa73gOniqGYDPOayrtn2OrmrcMPh6ibzIgKEAEgxZ60HWCV4qaCsAegAe7JlO8CyAEFqQLjpLaZ-EuyPqgDAcgDmwSqBJICT9C4DmcUjW-ck9YAld4e51G9sVFFXUsi8fxnbYY8bpEMSx7vY1ItUu2bPxEj7Y1wlvIReKwdWDzgZzzqUt5WW7jRsDH3axiOA6gl-RpJEbKOj6qeJsOZvMTEyURNPqFoP7IhJpZSoV4tzRZZzmVmUYmUQBrffiHZ9nlZbyjygB5G1M_R6vsnddydXsWrcIdkBhdeFXjphWa1qe_GvRl8ZFwyB9W63ZJhAu323bYPy_SU8bJj7kQFXWiCrSyp1xKMYx57QJYNIvHHKGSKOvA6VIjO1BlpI4axxQtTh6HFPQhy7YRIZN0JrqZ2hkxp66uY9zAB0TsHt_BtiSQQVWRvab2JTji47W_zIvBJp-HmQnzmqsAEh6WN8PcD4AQDkAYBoAZOgAf6teuQAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATtePjDsgTu-D83gPQEwDYEwqIFALYFAHQFQH4FgGAFwE&sigh=sKk7-1Zn-5M&label=videoplaytime25&ad_mt=5230&acvw=sv%3D922%26v%3D20220323%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D5032,0,0,0,0%26mtos%3D5032,5032,5032,5032,5032%26amtos%3D0,0,0,0,0%26mcvt%3D5032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5204%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D203%26dur%3D20010%26vmtime%3D5230%26dtos%3D3024%26dtoss%3D2%26dvs%3D3024%26dfvs%3D3024%26dvpt%3D3024%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D5032,5032,5032,5032,5032%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D109621101%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,5032&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1649213126839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Apr 2022 02:45:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.onmanorama.com
URL: https://www.onmanorama.com/akam-sw.js

Verdicts & Comments Add Verdict or Comment

310 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
collector.effectivemeasure.net/beacon	1970-01-20 10:45:17	Name: c3 Value: 1
collector.effectivemeasure.net/beacon	1970-01-20 10:45:17	Name: gc Value: DE
collector.effectivemeasure.net/beacon	1970-01-20 10:45:17	Name: mb Value: 0
collector.effectivemeasure.net/beacon	1970-01-20 10:45:17	Name: dmp Value: 1649213126251
.onmanorama.com/	1970-01-20 02:06:56	Name: AKA_A2 Value: A
www.onmanorama.com/	1970-01-20 02:07:36	Name: cr_default Value: 0
www.clarity.ms/	1970-01-20 10:52:29	Name: CLID Value: e8b822ebab7844979b76ac8c5ed3a11b.20220406.20230406
.onmanorama.com/	1970-01-20 19:38:05	Name: _ga Value: GA1.2.797995697.1649213125
.onmanorama.com/	1970-01-20 02:08:19	Name: _gid Value: GA1.2.1163714855.1649213125
.onmanorama.com/	1970-01-20 02:06:53	Name: _dc_gtm_UA-208232-49 Value: 1
.scorecardresearch.com/	1970-01-20 19:23:41	Name: UID Value: 1B0f6bc1ef9bd133fe85e0e1649213124
.onmanorama.com/	1970-01-20 02:06:53	Name: _dc_gtm_UA-208232-19 Value: 1
.onmanorama.com/	1970-01-20 02:06:54	Name: l_sid Value: a087cad3-25fe-4c09-aee3-3531f9c9f1df
.onmanorama.com/	1970-01-20 19:38:05	Name: l_sidx Value: 1
.onmanorama.com/	1970-01-20 19:38:05	Name: l_aid Value: 52f8ad11-b97c-4e9a-99e4-9f8748c18a45
.www.onmanorama.com/	1970-01-20 10:52:29	Name: loginSCount Value:
.onmanorama.com/	1970-01-20 02:06:53	Name: _gat_gtag_UA_159929110_29 Value: 1
.onmanorama.com/	1970-01-20 10:52:29	Name: _clck Value: 1g7jo5v\|1\|f0e\|0
.onmanorama.com/	1970-01-20 11:28:29	Name: __gads Value: ID=782b960e45f30827-222de74070cd0081:T=1649213124:S=ALNI_Mb-2dWJlwzqJ7jb9VX10gJnJaR_RQ
collector.effectivemeasure.net/	1970-01-20 10:45:17	Name: vt Value: 52ad677a-c8a6-41a1-8989-e128e4cb2a40-17ffcc334d9-610fa952
.casalemedia.com/	1970-01-20 10:52:29	Name: CMID Value: Ykz.xZ-OEi0maSRvn-3FeQAA
.casalemedia.com/	1970-01-20 04:16:29	Name: CMPS Value: 3194
.doubleclick.net/	1970-01-20 11:28:29	Name: IDE Value: AHWqTUkQKvceT4BDWVvJD4GjXxQ7kWyu9bDltMhdPLXqr5uamL40dR7_gCg62bsrUiY
.adnxs.com/	1970-01-20 04:16:29	Name: uuid2 Value: 7124026301807272873
.onmanorama.com/	1970-01-20 02:08:19	Name: _clsk Value: 374to5\|1649213126000\|1\|1\|i.clarity.ms/collect
.onmanorama.com/	1970-01-20 10:45:17	Name: _em_vt Value: 52ad677a-c8a6-41a1-8989-e128e4cb2a40-17ffcc334d9-610fa952
.onmanorama.com/	1970-01-20 02:06:54	Name: _em_c3 Value: 1
.casalemedia.com/	1970-01-20 04:16:29	Name: CMPRO Value: 1124
.casalemedia.com/	1970-01-20 02:08:19	Name: CMST Value: Ykz+xmJM-sYA
.onmanorama.com/	1970-01-20 02:06:54	Name: _em_vi Value: 5e1e67f7-e11c-4867-b98a-7fcb4f5fcc14-17ffcc33596-8a9a9f1b
.onmanorama.com/	1970-01-20 02:06:54	Name: _em_lt Value: 1649213126038
.onmanorama.com/	1970-01-20 02:06:54	Name: _em_ft Value: 1649213126038
.onmanorama.com/	1970-01-20 02:06:54	Name: _em_pc Value: 1
.adnxs.com/	1970-01-20 04:16:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hc!vyYoK!@wnfH8K6pQK`!5=E<L5?%M-6)KSFlJd:2fA]vV.z>dq7@Yz`??l-fh)0i-bpRzqF1`b`?G*=1C:
.doubleclick.net/	1970-01-20 02:06:56	Name: DSID Value: NO_DATA
.onmanorama.com/	1970-01-20 10:45:17	Name: _em_gc Value: DE
.onmanorama.com/	1970-01-20 10:45:17	Name: _em_mb Value: 0
.casalemedia.com/	1970-01-20 10:52:29	Name: CMRUM3 Value: 2d624cfec62760CAESEAZ3sGsBeySwMiUm7DxQNtU
.onmanorama.com/	1970-01-20 10:45:17	Name: _em_dmp Value: 1649213126251
.id5-sync.com/	1970-01-20 02:06:53	Name: cf Value:
.id5-sync.com/	1970-01-20 02:06:53	Name: cip Value:
.id5-sync.com/	1970-01-20 02:06:53	Name: cnac Value:
.id5-sync.com/	1970-01-20 02:06:53	Name: car Value:
.id5-sync.com/	1970-01-20 02:06:53	Name: gdpr Value:
.id5-sync.com/	1970-01-20 02:06:53	Name: callback Value:
.mathtag.com/	1970-01-20 11:32:48	Name: uuid Value: 642d624c-fec6-4500-af6a-f0dae29f47b5
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.adsrvr.org/	1970-01-20 10:52:29	Name: TDID Value: 75360393-8e64-4f14-8b75-306c2a86f8fc
.krxd.net/	1970-01-20 06:26:05	Name: _kuid_ Value: OwurxzQo
.adform.net/	1970-01-20 02:50:05	Name: C Value: 1
.adsrvr.org/	1970-01-20 10:52:29	Name: TDCPM Value: CAEYBSABKAIyCwjm683Jx-DLOhAFOAE.
.adform.net/	1970-01-20 03:33:17	Name: uid Value: 4294400440322830498
.ccgateway.net/	1970-01-20 03:33:17	Name: ccuid Value: 3e1b2584-10ec-4121-9026-124aa63dee42
.ccgateway.net/	1970-01-20 03:33:17	Name: ccsyn_narratiive-syndication_puid Value: 52ad677a-c8a6-41a1-8989-e128e4cb2a40
.ccgateway.net/	1970-01-20 03:33:17	Name: ccsyn_narratiive-syndication_puid_b64 Value: NTJhZDY3N2EtYzhhNi00MWExLTg5ODktZTEyOGU0Y2IyYTQw
.onmanorama.com/	1970-01-20 02:06:54	Name: _em_scf Value: []
.www.onmanorama.com/	1970-01-20 02:16:57	Name: RT Value: "z=1&dm=www.onmanorama.com&si=63752049-23af-401a-bcb6-472c207fe1cb&ss=l1mywuah&sl=1&tt=2m4&bcn=%2F%2F02179910.akstat.io%2F&ld=2m7"
.c.bing.com/	1970-01-20 11:28:29	Name: SRM_B Value: 0EFE228B06386B6A320B33F507536A93
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:28:29	Name: MUID Value: 0EFE228B06386B6A320B33F507536A93
.c.clarity.ms/	1970-01-20 02:06:53	Name: ANONCHK Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://img.onmanorama.com/etc/designs/commonutils/clientlib-img/img/dummy-image-onmanorama-big.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cf-images.ap-southeast-1.prod.boltdns.net/v1/jit/5265296597001/9c7d23e5-2564-4251-a3d2-978e48d92c36/main/1280x720/2m54s521ms/match/image.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://collector.effectivemeasure.net/sync_webhook/lotame/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179910.akstat.io
3fznpbk4ppbkiysm73dq-pdafho-3c42d3037-clientnsv4-s.akamaihd.net
946464d052bd8b7fe5f914b60561def2.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
bcboltmmcltd-a.akamaihd.net
bcp.crwdcntrl.net
beacon.krxd.net
bid.g.doubleclick.net
c.bing.com
c.clarity.ms
c.go-mpulse.net
cdn.ampproject.org
cdn.jsdelivr.net
cf-images.ap-southeast-1.prod.boltdns.net
cm.g.doubleclick.net
collector.effectivemeasure.net
covidapi.unibots.in
csi.gstatic.com
css.onmanorama.com
detect-survey.effectivemeasure.net
dmp.adform.net
dsum-sec.casalemedia.com
eaarwyaqcaaagkqce3yab3yaabrez7wh-pdafho-31f583015-clienttons-s.akamaihd.net
edge.api.brightcove.com
eus-api.ccgateway.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.clarity.ms
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
img.onmanorama.com
js.onmanorama.com
manifest.prod.boltdns.net
match.adsrvr.org
me-ssl.effectivemeasure.net
metrics.brightcove.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
players.brightcove.net
r3---sn-4g5ednsk.c.2mdn.net
s.go-mpulse.net
s0.2mdn.net
sb.scorecardresearch.com
scribe-news.mmonline.io
sdk.mmonline.io
securepubads.g.doubleclick.net
specials.manoramaonline.com
stats.g.doubleclick.net
survey.effectivemeasure.net
t.effectivemeasure.net
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
vjs.zencdn.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.onmanorama.com
www.onmanorama.com
104.16.89.20
104.79.88.164
142.250.184.226
142.250.185.194
142.250.185.66
142.250.185.98
142.250.186.34
142.251.1.94
15.197.193.217
151.101.2.27
172.105.43.230
18.66.245.194
185.33.220.244
23.35.232.134
23.35.236.247
23.35.237.37
2600:9000:2057:2a00:b:3c99:a880:93a1
2600:9000:20d7:ba00:1f:612c:5a80:93a1
2600:9000:214f:8c00:12:c2b1:eac0:93a1
2620:1ec:27::cafe:1761
2620:1ec:c11::200
2a00:1450:4001:6f::8
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2004
2a00:1450:4001:811::2006
2a00:1450:4001:811::200a
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a02:26f0:ef::5c7b:c244
2a04:4e42:200::729
3.212.253.181
35.244.232.184
37.157.4.28
46.51.146.69
51.195.5.38
52.142.114.2
52.167.85.21
52.50.215.59
52.91.215.149
54.76.43.248
54.76.90.159
69.192.160.133
74.125.140.154
88.221.111.24
92.123.194.137
92.123.194.164
96.16.151.200
99.86.4.2
99.86.4.66
03b4b2d41babe29bebdff2ec50bd0083a22f2ff7ef36f2f653acc93db764cab6
052647ea19cba771f30b83cf1e89b2154c9599d99436e7c6339a8c6428a10bca
093b1eb6ec6affdd95ee6ede828bf348ad06f65fe2de408842807f8e5ec0b184
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d6b0e748a63b28027344dd4121a4b705e5555587b56178edf920c1f6abde294
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ed3e338f9f6a268ed1b9b1316852635c2dbe7dd0159b42f38bf47b163baa10d
0f547e9161f7a6d3696e5aeea5290f31dcd09c78019ec5f3cdd4d42c855dc6c3
0f82338dde127b42749cb3eab7b39e3b61dcc66a798d618332f5f2817f269a3b
10cecf6b41a6d0a2c1fb8280c83c3a8858b1c503b749cd793d332b3c152f2da5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
132deb47a61f43c75e7ff96cf7e095e38c3dd56e0c5772052d80fb1cb3a7dc35
16671c9bd43a1be1f203b3b00c569e9c3af3db078f74192838ce882718d8a9ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cc300d92b888739e0466d8ff44ff6c18d8f4b86dfa5e1d2807141d279e6e036
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
21eb780ffb68fee985e2b059a442307dafdcc9f80f26dd60c575c7922f4b2956
27032b188b657b7c1da2e2d8d99c423e174dc3a0db079726cb1c8ae942c58446
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a57b2a8ac51ab8a039ed15dbe7e55ae70665f52a22e4bbf8e755257ad8d37ce
2b81f315e74b790047f70ce5797dde99ace3dfc42a24b810b9dc79d3beb21e41
2cd44768f593bf50da4fef0e9b6871187ae76f0f0259b3e103b9d5ea1fb99459
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33570ec4448d75ab435b4d5a3541e04d61bd632c9bc5199177fa8e75b832c026
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a4ed577ed000498594c1d2c6d4cf163550d53ddfb873690e28daccd77e421c2
3a913e19e238dc4a47843f2752097b1e4cbbc69056e303aedf7159556ce6ec06
3d51a72b99b6605914dbe809a87b149f65a457ff585e52c6f6cf2a30ae359765
3db07ec8684aa817da189457550e9ea6be313da2cbca3e6097ea8c611245b785
3de46690a53da44b62719dc5620a8c3d82520671178c098239e19f3af37f7d44
3f94c37ae74831ff0590c6340d1b4547fea4dcc82dc694c3bde98cfb25c14f0f
4358f21de2cdf16a8afa77e87dc5edd2cca4f60f529e08d9ef61926f6eed2431
438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4911415a9268d225abbdb53f8fab01d501f5588e8e903f675b17320a0cbb0213
4b0351bd5de7fd459b8d8e4468e1a37910f5b02c7e329bed3ee83ecef26550a0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d23c9596864091e494348cf8f5c35059e6cab575380436776e8b979258239c6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
500be6ac2812be9972e4a0eabec68c32a6ef50bd0fee142c765d5044bf37c4b4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50de4325533a97fe3d92cd48a84aaf197e9d861b0c18d1e27ccbaadd41d60f88
54de43742bb006a9ec08807cf104da5f5f8c3d4ffaeb04f211dc9e8668b59beb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560a40e7d510e1c6e910025e824dcbc26b50bb33e18bced61f8b75a7305d0ced
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
5a056e56520161876f187115e5234859350363fd20033d33ebf1eaf827fe4636
5b2a3a5ab2aec37e4c9d9d1836de23cd416e9948f266bc31d3a88c15b26a6dc0
5b2d653c19a9529ee7e4e3784bd6509132d999be839ff88b15d48b20662d6bd5
5bd73d48f216590d273eb969c450195bc5ee173503895f0faae499bb89aeeb2e
5bf285418fde8cd797cd4911fe5d156740917544bb6411da367d030c5f48cc3a
5c23aabb5100c8cd50d801fe3a762c8c7c67683881213727772e3aabcb69e2d4
5cab1a7dec602bb81ebd24664ecd0b0d3e2ca0940ba5324b7a191dfc079610ad
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
617904b24324b280bee029db665e34fbe517cedc61ed4f7e6244a25c0ae993bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655b4356965434ba7ebd9e28b32017cf3c39c1a0372edef98cba76c6064de2c8
65bfdfbd6f9981b2d865248447081e391197fe739e7f7fbcb9d860f3de083a4b
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6631de4735d885c6607655fa524314b2b9e3d602713e64f43582f5f11693fe6f
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7141e4ec807e869b2bd436ff778acfcccafdcef7182ae50e2e5fc9116dc84e04
731111c2c71c9ffc05b194e8c718b95794e74ae40a14d66d5111df2741f50dbe
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7ef475f0556172048ab3562cc18319104379ccec799966f9f68eaf87c911549e
7f1775e7e6df802c203c464466bc8ee169eacc5fa706aa580a8c1a8a76d4a057
7f6c5e9fde686c8143a47b26c6c48018fd331c22f52e3eeb78f0f3ccad800f3f
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
804443bd7d907858eea7bd884e5b3934049be1a738ca275fe3e51165d93ffa26
826a65925773a0d431729003295741489dc144c0b62a268d207e2f30c687da35
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853b8ead77d5a1233c938539e676b2d4f4e337c1bc75821d5b05b967db337a0b
8a0dfe7908d3190c80354a981d7dd9ba3346727aa6e49b162b644749778480c6
8cb2434436ba162aad140c82bae67bf01705a2fffd9e67ae6b926a64316abb60
9097839e8760c5d8bce47d6e1f3c7d70ea5e9f9daf3186cf9e1628053dbc3b4c
92958d4fdf7152d2cabf800876b0f1605a722365d95e3f7bbe381fe58e9df4b7
946a9430425202187259e5f956d56b7b3744547dadaf91049733d8aee33767d0
9479b3e3bef0f6427206cadb155b1f1e0197e6d87356db3a4dee7732273b2b80
94ee6fc838483912424d7dca265e3c92c4fe6c566849af0b802cd6e9d53cde07
9594905483e03ae4c7e27dc08dd0685703b10b4c164ff070444132238f42bf52
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fa755757dfa7ead11a18cff328afacee9c2fc9b8b832fae8b94fc833a32972
9e984ab04afc6cabd0a08f84049cfc76d5d3ef4c2d350c9619b06a3c56eff114
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58d46d853c21c8e11eb057aba26dbeeb32041b51a61d4e2c3adc86c09c08704
a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81d714d101f376880cbddaf3df5f7cb2e7881ed92e318052892e1fcc4f6929b
a8be32407f34593c10235a8179c1e6c55c640beac8d976b8cbb46b660e063826
a9977c82892e41b13063ffb178061f53e6d39ce28a353991eb9f36e37870ffea
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ab91548572d24a701043ca5ec080f9455907773dd8ce61dad598912479fa062c
ad94613a9aa9feae3598a289d5a8772bb0da5ecca60d231eef3cd582ab4c2392
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af32ddef4531e522e3f503e0a2c4770343d0790cb2f6d419bf1e493837c02089
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22696282b92bdc656353111f41451af61899162772f76d7543b67a15c89a2b6
b646e7ffbc66071e42f1027eadcc593772e9728738516f4bb79d1b3c9c137eb7
b78401c570ac33d251310b020d0d089f12158b071e7923e19215aae52efaafc5
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbb04106d9fdc3f872c94b729acb91b487e2653cbbbfc6722c6424bc9dbfd5f4
be19377a649356c14d1880e94ee1a6f257302279e7544afe275f72150cfb5ccc
be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7
c28e9d3b131c466eef9886496227e59a5779807033c2eebbe00654065beddb4c
c526894418a500d80d670743554894db03728c58ae40d076c7e058d8f2a818ed
c6cf001d2139c7b8e8ad3b28f6aee37fe46c9fa0ceed880a75a73f9c6cf52125
c91c896a8a6737d45e3d609838138960e70cc82939ef132415e0296953043791
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cacd4676d3e1da53113f6ea6b7f337db546132c84d3e90d9ca82f088eedb96eb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cccbe0d464b4387917c023a5865c4c3c50724b4e471fd66759678dd5169f1fa0
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d3fbf7efca1e4d1f4c6e7a37792d77c30392ee4fc49f347e4543032f3bc2f96c
d85be025a12bbb9bc1b3070e776389404bc1fed2b43fed80aa6d21a0f340d46f
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
ddb198ead84de7846f3507e630b006161baa06c6df002726524658ea7f794722
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
dde3ddb8681ef3b8d89203923774f5449939ac2ca5e7ca7a8bff1927b10d5ebb
e0124cbc82cb61c496a04a6f0894bb3c687cd9a91ce7a9a3dfb23659550fe6da
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b0af7713631cc450dff40c46f1b5ba919122c2f165aace098fa928adf90ddf
e7b6e94dbad36e208ae7518b23ebbbd7267cdb3bee8835925c2383188efbb940
e8df66c5b54dab04113c9a87b1af617ff6d03ba80fa46d1dbd6661962f98948f
e9176b6a2180b57d7077e6fb2f77bb40eeabff487911294fecd9e26bb919401b
ea8eb488e642016f16b68948dd1bb4e7a1fb5b0a1d57c97dbc90ae2960a24be6
ec598a6e3250ef19badae52c675552aa189aad6113063242b6f7ab5d2df9de5b
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e649ba794266856e49838016e15e2238709d8515dacf79ca3fc35bfd83873
f22bbac2d7a5bfb79a2244d2c92d9690759fd2b2e109c3eae28dbfeefd13e697
f2427c9ba5368fa4734c4d6a170da7f9473be7ef68103c9ab010187a9e9468f6
f27da0bae57cb1ee192f30f4c4c63d8062eb78a241092e9667bc668dc37e2539
f73599767f48bb5d1aa2d9f1dfa0b0690b848eddd48c250ac217a7150b69d246
f9caa58991422d5dd53d6b8342c745831827498d0e30b9ad7fafa4321617da38
f9f91f0bd1379073d0ea4fc35a30d802e6cdd9325221649fbca52cb26a3da1f6
fec7c1c795f22f7c075d8e6906ab81f59b4c4a8f56409861709e0493fef1587c
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8

www.onmanorama.com Open in urlscan Pro 96.16.151.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

264 Requests

90 %HTTPS

43 %IPv6

37 Domains

68 Subdomains

54 IPs

10 Countries

5901 kBTransfer

10172 kBSize

61 Cookies

27 Outgoing links

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.onmanorama.com Open in urlscan Pro
96.16.151.200 Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

90 %
HTTPS

43 %
IPv6

37
Domains

68
Subdomains

54
IPs

10
Countries

5901 kB
Transfer

10172 kB
Size

61
Cookies

264 HTTP transactions
5 data transactions