all-news.co Open in urlscan Pro
2606:4700:3030::6815:36b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gucluinsaat.net/?Z289MSZzMT0xNDYxMjUxJnMyPTEyNDE3NCZzMz1VUw==
Effective URL:
https://all-news.co/
Submission: On August 11 via api (August 11th 2022, 4:06:43 pm UTC) from JP — Scanned from FR

Summary HTTP 253 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 9 countries across 34 domains to perform 253 HTTP transactions. The main IP is 2606:4700:3030::6815:36b, located in United States and belongs to CLOUDFLARENET, US. The main domain is all-news.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 1st 2021. Valid for: a year.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	195.154.104.74 195.154.104.74	12876 (Online SAS) (Online SAS)
1 27	2606:4700:303... 2606:4700:3030::6815:36b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:6... 2600:1901:0:6665::1	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
14	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:3600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4 10	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.211.246.129 52.211.246.129	16509 (AMAZON-02) (AMAZON-02)
23	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
7 7	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.195.201.66 18.195.201.66	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21	16509 (AMAZON-02) (AMAZON-02)
4 4	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
1	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
3 3	89.207.16.75 89.207.16.75	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	104.103.91.125 104.103.91.125	16625 (AKAMAI-AS) (AKAMAI-AS)
253	31

1 195.154.104.74 (Ivry-sur-Seine, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 195-154-104-74.rev.poneytelecom.eu

gucluinsaat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:3030::6815:36b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:6665::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

steadfastsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.246.129 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-246-129.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.18.126 (None, ) 7 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.201.66 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-66.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.7.201.234 (Vienna, Austria) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.131.136.1 (France) 1 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

jpp.aircaraibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.207.16.75 (Amsterdam, Netherlands) 3 redirects

ASN41041 (VCLK-EU-SE, US)

www.ftjcfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cj.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.emjcd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.91.125 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-91-125.deploy.static.akamaitechnologies.com

www.yceml.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	845 KB
50	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	282 KB
27	all-news.co 1 redirects all-news.co	1 MB
23	gstatic.com fonts.gstatic.com www.gstatic.com	352 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 22303 ad4m.at — Cisco Umbrella Rank: 2303 assets.ad4m.at — Cisco Umbrella Rank: 34366	459 KB
13	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	8 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	388 KB
7	casalemedia.com 7 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453	7 KB
5	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 636	330 B
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3235 onesignal.com — Cisco Umbrella Rank: 1193	83 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1751	3 KB
4	rubiconproject.com 4 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 326	2 KB
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 1516	542 B
4	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 611	694 B
4	quantserve.com 3 redirects cms.quantserve.com — Cisco Umbrella Rank: 1083	1 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 900 trc.taboola.com — Cisco Umbrella Rank: 653 trc-events.taboola.com — Cisco Umbrella Rank: 1491	20 KB
3	google.fr adservice.google.fr — Cisco Umbrella Rank: 24445	1 KB
2	metaffiliation.com 1 redirects action.metaffiliation.com — Cisco Umbrella Rank: 59096 img.metaffiliation.com — Cisco Umbrella Rank: 34010	135 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 568	1 KB
2	everesttech.net 2 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2926	752 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 110895 static-de.ad4mat.net — Cisco Umbrella Rank: 152918	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	steadfastsystem.com steadfastsystem.com — Cisco Umbrella Rank: 119766	28 KB
1	yceml.net www.yceml.net — Cisco Umbrella Rank: 23174	15 KB
1	emjcd.com 1 redirects www.emjcd.com — Cisco Umbrella Rank: 13176	805 B
1	dotomi.com 1 redirects cj.dotomi.com — Cisco Umbrella Rank: 13247	1 KB
1	ftjcfx.com 1 redirects www.ftjcfx.com — Cisco Umbrella Rank: 73582	746 B
1	aircaraibes.com jpp.aircaraibes.com — Cisco Umbrella Rank: 795688	2 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1388	296 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	644 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 594	466 B
1	gucluinsaat.net 1 redirects gucluinsaat.net	292 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
253	34

	Domain	Requested by
49	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
27	all-news.co	1 redirects all-news.co
26	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net all-news.co
23	cm.g.doubleclick.net	all-news.co googleads.g.doubleclick.net
23	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	fonts.gstatic.com	fonts.googleapis.com
11	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net tpc.googlesyndication.com
10	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.googletagservices.com	googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
7	ssum-sec.casalemedia.com	7 redirects
6	assets.ad4m.at	as.ad4m.at
5	image6.pubmatic.com	googleads.g.doubleclick.net
4	e.dlx.addthis.com	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	pixel.rubiconproject.com	4 redirects
4	rtb.openx.net	googleads.g.doubleclick.net
4	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
4	cms.quantserve.com	3 redirects googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	onesignal.com	cdn.onesignal.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.fr	pagead2.googlesyndication.com
2	d.agkn.com	2 redirects
2	pixel.everesttech.net	2 redirects
2	trc-events.taboola.com	cdn.taboola.com
2	www.google-analytics.com	all-news.co www.google-analytics.com
2	steadfastsystem.com	all-news.co steadfastsystem.com
2	cdn.onesignal.com	all-news.co cdn.onesignal.com
1	www.yceml.net	as.ad4m.at
1	www.emjcd.com	1 redirects
1	cj.dotomi.com	1 redirects
1	www.ftjcfx.com	1 redirects
1	img.metaffiliation.com	as.ad4m.at
1	action.metaffiliation.com	1 redirects
1	jpp.aircaraibes.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	all-news.co
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.adsafeprotected.com	steadfastsystem.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	all-news.co
1	gucluinsaat.net	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
253	46

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-01` - `2022-10-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
steadfastsystem.com R3	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-06-18` - `2022-09-16`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
jpp.aircaraibes.com Gandi Standard SSL CA 2	`2021-08-18` - `2022-09-02`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://all-news.co/
Frame ID: 364A79DEE94EA323080B12336D12666A
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/zrt_lookup.html
Frame ID: 91F0095796655C613E971D53AFACE71E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1660233995&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233995378&bpp=3&bdt=573&idt=182&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=751529153382&frm=20&pv=2&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=202
Frame ID: F547C86D3FAB04B948541770415F466F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1660233995&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233995382&bpp=2&bdt=577&idt=209&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dBB25aCCSb&p=https%3A//all-news.co&dtd=216
Frame ID: 7621E19E4A4C52BB006A408CB3F07EAE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1486646866&adf=3868016238&pi=t.aa~a.3562888699~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=3&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90&nras=2&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XfrBRunSxZ&p=https%3A//all-news.co&dtd=31
Frame ID: C6DED92281DBFF5DEFA0940759A8CA66
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3083838368&adf=3514746373&pi=t.aa~a.1157537243~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250&nras=3&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3WUgbc0pip&p=https%3A//all-news.co&dtd=91
Frame ID: AAF6D169F9A409E10252C78E0799BA78
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1025011851&adf=625758300&pi=t.aa~a.3633471688~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280&nras=4&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dXUjlj8tpB&p=https%3A//all-news.co&dtd=103
Frame ID: CC420932B09F6327093ED804776095D4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2119830149&adf=26621657&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280&nras=5&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=45xEaQ73D9&p=https%3A//all-news.co&dtd=112
Frame ID: 23FDE7EFF48514E6471CE1A8B5D2B4FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125
Frame ID: 412989AEF86E5450D0CBFE02FB6BA7DB
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html
Frame ID: 93F1705D5D3EE0F2D915516F17FC971C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 32FDDDD4C0E9F00943BA1CC07D6F8781
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1
Frame ID: D8340C5B8D187C6170935ABA32E14817
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 04BD148C15E293E113B2B76D9E57F1CD
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7BCE4187D8D4BCA155A1E03F7713AD37
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E13F29F381C229651F41CEF48A72FDE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B73BD9187942584F696AA15731F11E93
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js
Frame ID: 4438A372ABFB7B01237EC51626E6A8CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CDqyoDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTgAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPgjQ0fxB_S95qaHxN48LuXAwSehZLvn85vyTwNQyz_Y58QdkRmWXgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=yL9E8fcpFv8&uach_m=[UACH]&cid=CAQSPACsnQUxfJ9lJKn3jHKl0ngWvCpOBrPAk9ZiONYwZcxLJx3Lt0MM64kcctk4L5RuV0uya6NL1qDR1KMKKRgB
Frame ID: F6D04BC3B195387A7007B1E03E94FDBF
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kkjmz0x9pr3hzt6dnryyzzbbya46aq3k4zk898y0qahwe266dvegahx5q2g6t3yq02w437sjaf0afaknqnw6vv2hrzdenh0xhvs81jfss1yrjp2kd091anky5g4vfycgyxw87fsgcqdkz5pg4yxe053jwb1np7h4zbrpppx9fne12y0mm1v8ej429de5jg94ft6t0q84p0cp9s9bz0xgmqcsp4bm4e1ja1d863pakeee0zm2r299c3b7x8fy8d1vn4w2097250trvq74qeanc20vjx8a175smbvgdb88ts7zv8aasa7g4r4ezd8fzp6xd2hbm37e503qb5c6gq6bxrxjf5sstvt4qyfyy9bdqvzhj7fgaf62e8gn95y2chq00fdvk5ekjmg474t9pmbs5xs5hbbc3qeyg5y1qnfz0xh6v024n236jjk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: FB6A23FD3EB815ED7A72F90BCBAB5B23
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0FECB337E6A1995D3FBC47BDF61D0C92
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js
Frame ID: F01E878A293A149E51FFA8B54255E85D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0385E9FA6EDE0481E4549351F09E8015
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 113E23ED6EC2E081B24462CA5C490C3F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E485882DEECA13774C70F933D6945652
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AC19280AC100BACD9C39023EBDBD3CF7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FCA62C0A01CA1F305FF7926A7A8F85E8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js
Frame ID: 2ADEC10287359B24324F0E90B9BB3BB2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js
Frame ID: EFC191CB562866664C946F5B13748828
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js
Frame ID: E8252CF3205364F1D9EDE94CB7C85F93
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 62082D2B9E74673B70A941BEB1C9AD4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1291961522&adf=278409778&pi=t.ma~as.9785579158&w=300&lmt=1660233997&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233997691&bpp=2&bdt=2885&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250%2C696x545%2C1600x1200%2C1005x124&nras=8&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&psts=AEC3cPLxCJJ1QaGOk3SaMicJmWUjm0bEFMh7iLYFN3NANOXwNaJrKaz25E2Hz4YMUMPOboTpSc1fPulmU8l7zA%2CAEC3cPJWj2IGbg25dM-jmi1Hnu5ep3PINBNbZYhRf0dQ09zH1KRq1olK1WkCTHnAB3qSuqxBhEqVfzi1jGOad2LRo4_rjGTe8obZ68djPbMwS74%2CAEC3cPLddDbp3_eLId_CsRHAY_zABLpx-CmyBc2l4RMv73LSenQXgygdcRZR_BSHuLKpZFSU8OOQ0kxRSE3Os7ZdgQ%2CAEC3cPLEDXYGTDWsXzUe6Tqo5v0Bb2-VUzkIF0JbyNWfcLl_TNzk79HOg25rcDomzVqCrz-Blz-ezSSjatBGHjH4ug%2CAEC3cPIhjnHNlFiIXOX5-E1ptaUXjYBGFVZ53w_0wVAdl_IsxrfNb6NhJpjd7LlEOG_KaR9rGesSyP1mMl56-ux5iA%2CAEC3cPJoLxUHUqhJtrk2Li3Bg1oGIqlR7J5j1HwTJkbChJpX7LDvnGQgTBWFxo2MeWRMhklyYv-yzvGgWowYtYKBxQ&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=t1PWqTpn0W&p=https%3A//all-news.co&dtd=26
Frame ID: 7DE24C2D1F777BFBEBC844F1D67ACF63
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Frame ID: 12646AD1FD05A1C2F73A477132B3A8F9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 012F2F4273AA791508BD3071C031B2DA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3ED1EC4172641786BCC0B846C89DAFF2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html
Frame ID: 5BC9AD1A65CFB694E1C0C8A37463552A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - all-news

Page URL History Show full URLs

http://gucluinsaat.net/?Z289MSZzMT0xNDYxMjUxJnMyPTEyNDE3NCZzMz1VUw== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

253
Requests

91 %
HTTPS

54 %
IPv6

34
Domains

46
Subdomains

31
IPs

9
Countries

3734 kB
Transfer

8787 kB
Size

40
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/AllNews25193679

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gucluinsaat.net/?Z289MSZzMT0xNDYxMjUxJnMyPTEyNDE3NCZzMz1VUw== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DtqIyjbHFkbM-kAjj4dsvNVtoW_CzbjBw2Zqp9-f4C7WJLFb_OHMlJRlPSumeV3oMDgdOKwQ_wXcVcdyQTPHBm-vtamIFq&google_gid=CAESEMNdXn7jsK0c9dlwhEvVDV8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZVcERRQUFBWUI3QmxDbg&google_push=AehlK4DtqIyjbHFkbM-kAjj4dsvNVtoW_CzbjBw2Zqp9-f4C7WJLFb_OHMlJRlPSumeV3oMDgdOKwQ_wXcVcdyQTPHBm-vtamIFq

Request Chain 153

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4D5mVx6sN4XTm-roAEXT1WkcaPzVN5LtE1S7-MUoWOEZjMoy_G7FMYRoSULER8_UAVmcYxXTXkv_b5JAtLlwspMcstWBnw&google_gid=CAESEEsX5MMgk2qFGAXO5CbXByM&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCI3S1JcGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BZWhsSzRENW1WeDZzTjRYVG0tcm9BRVhUMVdrY2FQelZONUx0RTFTNy1NVW9XT0Vaak1veV9HN0ZNWVJvU1VMRVI4X1VBVm1jWXhYVFhrdl9iNUpBdExsd3NwTWNzdFdCbnc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMENYNWU1N3JDUEhYX2lPZWRkZGVNODJ3V0N2R3RXSVNqMWJVN2w0MERYMA==&google_push

Request Chain 156

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEHAbS8ddwXW4FV11us_6l0&google_cver=1&google_push=AehlK4CUrcJm_ErUmhc7rVgneUDaroS9koCD8bpdKZOhakx6lhE_lR2i2n-jaxhFG5wRL8JIsmmiw62efzIahcoap-YDm1xhnn04 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdFWjUtMjctOFhBSA==&google_push=AehlK4CUrcJm_ErUmhc7rVgneUDaroS9koCD8bpdKZOhakx6lhE_lR2i2n-jaxhFG5wRL8JIsmmiw62efzIahcoap-YDm1xhnn04

Request Chain 157

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB1lEDfSvPF1vZBf9u9M7Zk&google_cver=1&google_push=AehlK4Bi61zs16yQUzYzD7wDs59GwiOJurhMZ1AH7qnd_C_E5uc4QPZfYB0BOHXs0gX-6oIN_pTUstCDLPS4hVculs76-7yeiok HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB1lEDfSvPF1vZBf9u9M7Zk&google_push=AehlK4Bi61zs16yQUzYzD7wDs59GwiOJurhMZ1AH7qnd_C_E5uc4QPZfYB0BOHXs0gX-6oIN_pTUstCDLPS4hVculs76-7yeiok&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB1lEDfSvPF1vZBf9u9M7Zk&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Bi61zs16yQUzYzD7wDs59GwiOJurhMZ1AH7qnd_C_E5uc4QPZfYB0BOHXs0gX-6oIN_pTUstCDLPS4hVculs76-7yeiok

Request Chain 174

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DmsjG0PP5KLc_F5JS_BBsbYcOX7msaJwk0j4XEklnyCq7ZOgxuwl-wf4hnNworOfr5xoz06JbQwGHQ8PuSeUY6ZVBXYaju&google_gid=CAESEJcQV20pEDPl0OVo82NAoUY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZVcERRQUFCUVo1QENINw&google_push=AehlK4DmsjG0PP5KLc_F5JS_BBsbYcOX7msaJwk0j4XEklnyCq7ZOgxuwl-wf4hnNworOfr5xoz06JbQwGHQ8PuSeUY6ZVBXYaju

Request Chain 175

https://d.agkn.com/pixel/2175/?google_gid=CAESECRNBNuZ21UbFFSpQo7mwlY&google_cver=1&google_push=AehlK4AZjIncmlZIEY6-ZAYgzdDXwNOatP-XAFwUHJEN-Pnaqi-NUc92ks9vY6Zzw9EO3_O-_fed8sc_xeRUrDHp2ZCaeKx3gr7b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AZjIncmlZIEY6-ZAYgzdDXwNOatP-XAFwUHJEN-Pnaqi-NUc92ks9vY6Zzw9EO3_O-_fed8sc_xeRUrDHp2ZCaeKx3gr7b&google_hm=Q0FFU0VDUk5CTnVaMjFVYkZGU3BRbzdtd2xZ

Request Chain 183

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPfO27qwtYHVXD4eJ1462OA&google_cver=1&google_push=AehlK4A_CcLEAqcnwwV8YkQpr_wLry7m_cdtTUAsqmY86h69LfBSMumLtqE9s89aQuBmdT6YHqqQ_O2IMBjlbsHpTgxEcuo9N69J HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4A_CcLEAqcnwwV8YkQpr_wLry7m_cdtTUAsqmY86h69LfBSMumLtqE9s89aQuBmdT6YHqqQ_O2IMBjlbsHpTgxEcuo9N69J&google_hm=yWiFJFz31V26TdWODiefAQ

Request Chain 187

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOqQIDV4CKfrGpqV06zExRQ&google_cver=1&google_push=AehlK4ABqOAvq5lDBWxjhV-51idQZQCMYl358iPAlBYn-GiAeFXSOj8X3CwoBx1f-3NsfG2VTl7IvGVxHAeWcP1uUzjpJfVxDs1_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGM1gtMy1HS0tN&google_push=AehlK4ABqOAvq5lDBWxjhV-51idQZQCMYl358iPAlBYn-GiAeFXSOj8X3CwoBx1f-3NsfG2VTl7IvGVxHAeWcP1uUzjpJfVxDs1_

Request Chain 188

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJYJbyq0_uV6u2I-bh0Eyzs&google_cver=1&google_push=AehlK4Cygdl1s1_AzYi1vbwVdgmdBlBW5H_CY8nYe1OMkIGLF4DocdKHgscF7VUyEdz9I3Qe2FdcYUXd6Fu1m9HPjy74TC8Hgr8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJYJbyq0_uV6u2I-bh0Eyzs&google_push=AehlK4Cygdl1s1_AzYi1vbwVdgmdBlBW5H_CY8nYe1OMkIGLF4DocdKHgscF7VUyEdz9I3Qe2FdcYUXd6Fu1m9HPjy74TC8Hgr8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJYJbyq0_uV6u2I-bh0Eyzs&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Cygdl1s1_AzYi1vbwVdgmdBlBW5H_CY8nYe1OMkIGLF4DocdKHgscF7VUyEdz9I3Qe2FdcYUXd6Fu1m9HPjy74TC8Hgr8

Request Chain 191

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_QG3hDC5av8jZwThr6GuE&google_cver=1&google_push=AehlK4AFlLSL0Y6503utXFryVgqciCMU7-70mhh3mdDM9FQjFtmvfl5wj4FKX2_B8OJ-qOhr7MqdnoAo08MrNqKzkQRjP5eDFo8T HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4AFlLSL0Y6503utXFryVgqciCMU7-70mhh3mdDM9FQjFtmvfl5wj4FKX2_B8OJ-qOhr7MqdnoAo08MrNqKzkQRjP5eDFo8T&google_hm=yWiFJFz31V26TdWODiefAQ

Request Chain 192

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BCjlGzRzQ2gw23c3NbPSAu-7nqJg5oJo3q474Gh9ZSIx8C8H5l0M2IYmnTyUSild2lcQWEfW4iQS9Bljz4KYJEFyYyFdFP&google_gid=CAESEE4D5CJMCoNyB7yJ8oTOLX8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BCjlGzRzQ2gw23c3NbPSAu-7nqJg5oJo3q474Gh9ZSIx8C8H5l0M2IYmnTyUSild2lcQWEfW4iQS9Bljz4KYJEFyYyFdFP&google_gid=CAESEE4D5CJMCoNyB7yJ8oTOLX8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTExNjA2MzgwMDA1ODMzOTUzMzY0Mw%3D%3D&google_push=AehlK4BCjlGzRzQ2gw23c3NbPSAu-7nqJg5oJo3q474Gh9ZSIx8C8H5l0M2IYmnTyUSild2lcQWEfW4iQS9Bljz4KYJEFyYyFdFP

Request Chain 195

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPj4hktXjORRTPFj3pYs45Y&google_cver=1&google_push=AehlK4AfOHkzlKSZSnk4yEVanmp7iMC2bUL_ZbWXi8-3gCsmb0GUsWD-8tSiTpN4syFKz9k0p2iE6Zx4iOxRExON9uHWpq_KuSo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGNkgtNC1KOENE&google_push=AehlK4AfOHkzlKSZSnk4yEVanmp7iMC2bUL_ZbWXi8-3gCsmb0GUsWD-8tSiTpN4syFKz9k0p2iE6Zx4iOxRExON9uHWpq_KuSo

Request Chain 196

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOAMyn1lYSOdxepkYh_s_GM&google_cver=1&google_push=AehlK4Ds43Jl1U2ivyktU6xi-o5IXQiJ1M9W3bv1Opio5KYZYH-SfYNQc4Po-JWhMdIwYIcIZLjrgq4kbajeHVpQjhqRREii97M HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOAMyn1lYSOdxepkYh_s_GM&google_push=AehlK4Ds43Jl1U2ivyktU6xi-o5IXQiJ1M9W3bv1Opio5KYZYH-SfYNQc4Po-JWhMdIwYIcIZLjrgq4kbajeHVpQjhqRREii97M&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOAMyn1lYSOdxepkYh_s_GM&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Ds43Jl1U2ivyktU6xi-o5IXQiJ1M9W3bv1Opio5KYZYH-SfYNQc4Po-JWhMdIwYIcIZLjrgq4kbajeHVpQjhqRREii97M

Request Chain 199

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELLI51pAmNigH7jV9orDL38&google_cver=1&google_push=AehlK4DWvdWPivl7zW3yXWzIU_Ki7c9pcT3ZwnMufV2SDqEoni9YV6k7J-vk_CWq9bIY-hZ9Ht1jOJC10R87No2lhFkeGeeNiPFV HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DWvdWPivl7zW3yXWzIU_Ki7c9pcT3ZwnMufV2SDqEoni9YV6k7J-vk_CWq9bIY-hZ9Ht1jOJC10R87No2lhFkeGeeNiPFV&google_hm=yWiFJFz31V26TdWODiefAQ

Request Chain 200

https://d.agkn.com/pixel/2175/?google_gid=CAESEGriJSPDAxoniwagPvggPfA&google_cver=1&google_push=AehlK4ARlVXnfDmt22o6GBQ7AfTeSCmX5-3WXNjAqKAy2vLJMtuMHVUu9K2TeyliGtc6p9qD3txtAuHvQ8vF6Dytwk1ZhJ41Tm_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4ARlVXnfDmt22o6GBQ7AfTeSCmX5-3WXNjAqKAy2vLJMtuMHVUu9K2TeyliGtc6p9qD3txtAuHvQ8vF6Dytwk1ZhJ41Tm_l&google_hm=Q0FFU0VHcmlKU1BEQXhvbml3YWdQdmdnUGZB

Request Chain 201

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CyNsQGbm2QRe1U_WpyTQXseipdgChfudjvOPoXlX-_sMir68xwoiqCY7akQ6uu6pUx9LYLsDtRi7mODk8Afu0mB-S2ltU&google_gid=CAESEE3d-rj47ND2hFolP6nES7k&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CyNsQGbm2QRe1U_WpyTQXseipdgChfudjvOPoXlX-_sMir68xwoiqCY7akQ6uu6pUx9LYLsDtRi7mODk8Afu0mB-S2ltU&google_gid=CAESEE3d-rj47ND2hFolP6nES7k&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTExNjA2MzgwMDAxMjI5NjQxNDk0MQ%3D%3D&google_push=AehlK4CyNsQGbm2QRe1U_WpyTQXseipdgChfudjvOPoXlX-_sMir68xwoiqCY7akQ6uu6pUx9LYLsDtRi7mODk8Afu0mB-S2ltU

Request Chain 204

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAppUH-b2X8WM22kju4LekU&google_cver=1&google_push=AehlK4CvAJ3WhltL-fCD0TDj073SlgzQw22qvRh2yiB-v2kKMGpvMdjymKSrq8eRxmJb1Qzgibj3BknrmRA8zlD-4bzVLFGUb0U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGNzQtMUstNjVWMg==&google_push=AehlK4CvAJ3WhltL-fCD0TDj073SlgzQw22qvRh2yiB-v2kKMGpvMdjymKSrq8eRxmJb1Qzgibj3BknrmRA8zlD-4bzVLFGUb0U

Request Chain 205

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHrpcMKeaXvJgjD7SFKE6WM&google_cver=1&google_push=AehlK4DNpB-1uBnsKHA_WYMPCKObeRGS3LfoOg14rSB_ZCDPKt_7LqJJp25BiJ0OR58kbFJecJ-7XnVsXPu3KyWx2W-31o2J1Zth HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHrpcMKeaXvJgjD7SFKE6WM&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4DNpB-1uBnsKHA_WYMPCKObeRGS3LfoOg14rSB_ZCDPKt_7LqJJp25BiJ0OR58kbFJecJ-7XnVsXPu3KyWx2W-31o2J1Zth

Request Chain 207

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 209

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 240

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 243

https://www.ftjcfx.com/8o121iw-ousDLNHGIFJDFIIKIGJG&pv=1&pref3=oneidR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=%7B%7BIAB_CONSENT_PD%7D HTTP 302
https://cj.dotomi.com/b8103ltx-D/nuz/txr/CFFHFDGD/IKEDFCG/B/B/B/B/B?h=r%3c%3c6IIEH%3A%2F%2FLLL.4I814M.1DB%3AXP%2F7Bz53-WYSRTQU-QTTVTRUR%2606%3DD%2602pqF%3DzyptocGherqDiqRAr2svS7SF4b4mbus7eAex11SJzypto__35t4p_Yp4xt8_cplnsID_epns%26ro02_nzy3py4%3D%26ro02%3DC%26ro02_0o%3D%25Wa%25WaTMN_OZYdPYe_a-%25Wc%3c%3cf%3c%3c%3cQ%3cQ%3cP%3cP%3cP%3c HTTP 302
https://www.emjcd.com/a073m-36M/u05/-3y/JMMOMKNK/PRLKMJN/I/MIIRIMPRKLILKLNNRI:vfBgi0_6VKlM/I/I/I?k=s%3c%3cmyyux%3A%2F%2F111.kyohk2.htr%3AD5%2Fnrflj-CE8796A-699B97A7%26gm%3Dt%26giVWv%3DfeVZUIwNKXWtOW7qXiYb8n8vkHkSHaYnKqKdhh8zfeVZU__jlZkV_EVkdZo_IVRTYyt_KVTY%26XUgi_TfejVek%3D%26XUgi%3Ds%26XUgi_gU%3D%25CG%25CG923_4FEJ5EK_G-%25CI%3c%3cL%3c%3c895f6CCj-6EC6-98C6-fE97-A6B78D7hggCi%3c6%3c6%3c5%3c5%3c5%3c HTTP 302
https://www.yceml.net/0252/14464252-1655283571115

253 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
all-news.co/
Redirect Chain

http://gucluinsaat.net/?Z289MSZzMT0xNDYxMjUxJnMyPTEyNDE3NCZzMz1VUw==
http://all-news.co/
https://all-news.co/

195 KB
30 KB

161ms
111ms

Document
text/html

2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.25
Resource Hash: 95efed1b8e98e2895069e7ff0ceb0a5173e0f6021644c5c85aae20baba68db81

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73923822daad0810-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 16:06:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYFwHo3VfgxwrzM7Nel9a1DazVCIq7pwR7hWGqrbaP4%2BY7pDx6SMgo9QU%2FdoniDXiNNjsUyecfuu%2FJ%2F2Cl7rNwQYJ7ScmiyeJ7aO4szsLIFcZavu5MxFwSQw%2B2VutPX1tdIkppnObRfKUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie
x-powered-by: PHP/7.3.25

Redirect headers

CF-RAY: 739238224b323a23-CDG
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 11 Aug 2022 16:06:34 GMT
Expires: Thu, 11 Aug 2022 17:06:34 GMT
Location: https://all-news.co/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nA8L1J5Z1Jd0BSNXvLq9qRy7po02GN%2Fk61XrGSRmapGuxMUmGNbvKqI%2BIU1VcnCZB74tzwCH%2BHkQwphyCItADI2g4x%2BNTgokCZCVJuMY%2Bsjn%2FzTZ%2B1R687EuJXJc4lB0vDPcZcB4BPgS3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 autoptimize_f52220c6c39437807f65753b8c104652.css
all-news.co/wp-content/cache/autoptimize/css/ 1008 KB
121 KB 42ms
41ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_f52220c6c39437807f65753b8c104652.css
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b16df7e728c16f5f255396fc4b95358241bb90ef7e25717c920f201e9e8d7d6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2549310
cf-polished: origSize=1036097
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jul 2022 03:02:47 GMT
server: cloudflare
etag: W/"fcf41-5e3a705091af3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asQgz9ZZBtJw48801NdymY0KFAn5q9cCki5g%2BE19aRAyEQCPQjaulkqsM5i2WuClqLxPrMCnmCCjQQV76Dhqjrc4mO0PBxyiMn2U9c6SysRSdymfMGN%2FQhuqLemxzuMe%2FJmJ5XaLdov%2Fmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000, immutable
cf-ray: 73923823dd4c0810-CDG
expires: Mon, 03 Jul 2023 03:58:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 114ms
36ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800%2C400&display=swap&ver=11.5.1

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f50c79d15068f6c5ab2c6051e1f54db433cc72c6f3d62af1fe994cfff40549c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 16:06:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:34 GMT

GET
H2 200 autoptimize_single_2af45d55b4971e14d3342b575d50e98f.css
all-news.co/wp-content/cache/autoptimize/css/ 3 KB
1 KB 35ms
35ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_single_2af45d55b4971e14d3342b575d50e98f.css?ver=2.2.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1027323
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 23 Jul 2022 16:07:22 GMT
server: cloudflare
etag: W/"adc-5e47b25570eea-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFvrR71AUVeHpRM7ioksK5d93NS7Dh6h6%2FCxnDe6d7MKsOOePBNVTE4YGzvZSWjO8iuNJio6u6piqaqhUx3%2FAc0HjEacqUWXW2hlv4XAR7PCYO6Cn3mGmcOyrTbzJ6kxPTE8%2FT4UWNNuNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000, immutable
cf-ray: 73923823dd4f0810-CDG
expires: Thu, 20 Jul 2023 18:44:31 GMT

GET
H2 200 jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 87 KB
32 KB 69ms
69ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 3044
etag: W/"15db1-5c7d1c05fb9c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxKJqlO3PwXdxxnS3PEP%2FpYbUtnj0uO4XObabIwE%2Bjcmag%2FGsgLeqUK4zvJG2cvFS77FY5sfQceBWx2pme79X%2BCIAtj8EFlJIUkhYgHtWjFA%2BNUc1iNKmT0zAYG%2FvJlsYxcZYtnyakT7Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73923823dd530810-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 111ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2a90e4b2c90773869de219dfbcccb4ce1ec02571830e60bf07ec647aea17c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51645
x-xss-protection: 0
server: cafe
etag: 11651511739298561872
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 16:06:35 GMT

GET
H3 200 ALLNEWS-logo-final.png
all-news.co/wp-content/uploads/2021/10/ 107 KB
108 KB 74ms
73ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/ALLNEWS-logo-final.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5688
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 109988
last-modified: Sun, 17 Oct 2021 14:21:22 GMT
server: cloudflare
etag: "1ada4-5ce8d248a819f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4C6ZDKq8kAANRVJge%2FnCpclRwvbcLjWNAxwyeTnmamv8Cb2qUKCJPF3WXvTxtRvMrupNFYQL3%2FNz4GFYSJRMDH%2FMgVBwHnwUoeqdOu2f1jbu252EsXo7uPLSXZXZ4qFyqlYCsbkLS29xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73923824bb18331c-CDG

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 109ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab31438e1c20f2c8325a8b2475e1a345e67529ee311b332ffe50a4264b062333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57480
x-xss-protection: 0
server: cafe
etag: 18380813325525359759
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 16:06:35 GMT

GET
H3 200 12347-vulnerable-house-democrats-wont-say-if-they-plan-to-vote-for-manchin-inflation-reduction-act-696x385.jpg
all-news.co/wp-content/uploads/2022/08/ 40 KB
41 KB 111ms
109ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12347-vulnerable-house-democrats-wont-say-if-they-plan-to-vote-for-manchin-inflation-reduction-act-696x385.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f0b3f1910bfe630acf831d9af5e2d3074ef66bb80a3e4271ef88c3016eb772

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41352
last-modified: Wed, 10 Aug 2022 20:28:10 GMT
server: cloudflare
etag: "a188-5e5e8e32e367a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BBf%2BwYGm436wVVlc3ITyxpPdkkKzzg1EPoAq6ZzmygMnkOZX0m98uD2V24h7PQUbk13XchS2q7oh1yCWqvaE1z7ohMNOVvw4Rt91omiYByJxR71i9YlwPm8ncDFkR%2BotSFviKsYNL4PVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73923824bb1e331c-CDG

GET
H3 200 tdn_pic_1.png
all-news.co/wp-content/uploads/ 22 KB
22 KB 30ms
28ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/tdn_pic_1.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2234cc7fe6eff36c16781a4fd65fb50de8e1ec09af0dd11cf925af7c8d3c0194

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22393
last-modified: Tue, 25 May 2021 04:49:47 GMT
server: cloudflare
etag: "5779-5c3204168ddf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksFnxEST9XMrnx2yNpHe%2BLfgIiDRfaBiLco3mlUC9I7NDg6K0lA28yAW3JaLH0jY7XQd81u6%2BvSwEKokoh0jzPqn3VLYSUHDhdpRLZ9QcDfPWp3ZzoiMiaYWOViHizIue1B%2Fu9wtHetjHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73923824bb20331c-CDG

GET
H3 200 email-decode.min.js Show response
all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 26ms
26ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 17:04:07 GMT
server: cloudflare
etag: W/"62f29387-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y8lIw1Iv9%2FjsVs1JO4qRE3HYtxy2LDKCf2BOggSIZ2rMDyHphqKskUjyjbz4AIcoBcgFyU33lFcsHpxQ6UnkiIzf75Qc0uVZTI57Vy2%2FKIxUvNDebUyYTK%2F9FkEYZZhpb2lZ77lYAkzeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73923824aade331c-CDG
vary: Accept-Encoding
expires: Sat, 13 Aug 2022 16:06:34 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 107ms
47ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.1

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 739238251e963a99-CDG
date: Thu, 11 Aug 2022 16:06:35 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2499
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 14 Aug 2022 16:06:35 GMT

GET
H3 200 autoptimize_5c04d7d62b5d74858ac01150dcaf0a7d.js Show response
all-news.co/wp-content/cache/autoptimize/js/ 394 KB
96 KB 113ms
111ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/cache/autoptimize/js/autoptimize_5c04d7d62b5d74858ac01150dcaf0a7d.js
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b2da2c7c59b8269a2f61513a58107c6e6a6743a4b8be0a7a665c62771d539f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1027324
cf-polished: origSize=404455
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 23 Jul 2022 16:07:22 GMT
server: cloudflare
etag: W/"62be7-5e47b2556d452-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99YpEJmOKVcMM7zu0QfDjDW8Ifciy3B2HZENBqc3yH8Uwshy6nWjqRopPmpEesydCzpGgN7%2FSw1FjlQOU%2F4X68jjpd2QznueapuB43YJZVvflIVka6fWzhY9JboRAnDHza9n%2FkobBEpnaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=30672000, immutable
cf-ray: 73923824bb23331c-CDG
expires: Thu, 20 Jul 2023 18:44:31 GMT

GET
H3 200 wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 18 KB
5 KB 132ms
130ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Jun 2022 11:03:27 GMT
server: cloudflare
age: 3045
etag: W/"48b9-5e18e965a4fad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WhCmrLkn%2B39QNhM0Ts1N9UCZ%2F%2BdFYaNo1goSVc1Nielbb%2FxKCv4P9AFnSfUnZGjsHi7qoBhz%2BwZQTOVYFh1xHTlL%2Bq5h0iTtuZhWy3c0Vu8SKY54S4ZkMzjREBh%2B9oi4juje65dPZtsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73923824bb25331c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR Show response
steadfastsystem.com/ 92 KB
28 KB 194ms
136ms Script
text/javascript 2600:1901:0:6665::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:6665::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

686c16a5fb357eef15ec1986e86482b440237b8fd23a6335888c787a60ada9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "74007488d24aad6a9c9bd148834f7750124a126bef7bd13957920beb279c25e8"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-33r1
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Thu, 11 Aug 2022 16:06:35 GMT
x-buildnumber: 609294353
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3875
date: Thu, 11 Aug 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Aug 2022 17:02:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1400286/ 57 KB
18 KB 64ms
18ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1400286/tfa.js
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c573802dda237830f2f3baf927b9409aff9a0bbccf99d3dc1114475b9f740986

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: QfIeN3YUcdHEgeFXAKTuOBthMFfbPCi7
content-encoding: gzip
etag: "6d33ea9168284fa43e84f4ef0a9282d0"
age: 138
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17940
x-amz-id-2: h4PIJ2x7BA9sPichyh52RFFL/fKjNscYtykJc8atQL84u4ySPz+aUGwa830K3OfHerus19JcemA=
x-served-by: cache-cdg20771-CDG
last-modified: Sun, 07 Aug 2022 11:30:29 GMT
server: AmazonS3
x-timer: S1660233995.040404,VS0,VE1
date: Thu, 11 Aug 2022 16:06:35 GMT
vary: Accept-Encoding
x-amz-request-id: 393PWY53R1R49PM0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 14
x-cache-hits: 1

GET
H3 200 mobile-bg.jpg
all-news.co/wp-content/uploads/2021/01/ 43 KB
43 KB 47ms
46ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43847
last-modified: Sat, 30 Jan 2021 22:15:34 GMT
server: cloudflare
etag: "ab47-5ba2575ae8adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BS1hb3FIu7rMGBIVnpMiJDNVk42SxPTSN1WUc4jmuyC3oqrb2XVA0VvJovhTJzuYByd8YZtQOIpFHpE1A5bPeKeoqWQ0inylYm2M0hvcSQutmTMhirkH8fUVZZMJKbHWSEKNbJl5Y4MiCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73923824bb29331c-CDG

GET
H3 200 newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 28 KB
20 KB 43ms
43ms Font
application/font-woff 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_f52220c6c39437807f65753b8c104652.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Request headers

Referer: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_f52220c6c39437807f65753b8c104652.css
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Jun 2022 11:04:20 GMT
server: cloudflare
age: 85
etag: W/"703c-5e18e997e0817"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aW7MvuJR7iStdEJnsTJZj31UKDJbeoew1lFOkshTX97TbOaiNcnN4BSZt1WyTxD%2BXCbN760rpY8j2L60j48ZtXSFPoGUP%2F1CgijFtv%2FZYZUYF30Nk9Th%2Bmp0tz%2BBHKKjwLy7KziOVEjHmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73923824cb47331c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 87ms
29ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800%2C400&display=swap&ver=11.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 248320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 57ms
32ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800%2C400&display=swap&ver=11.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 256903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800%2C400&display=swap&ver=11.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 270630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:56:05 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800%2C400&display=swap&ver=11.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 23:10:25 GMT
x-content-type-options: nosniff
age: 233770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 23:10:25 GMT

GET
H3 200 newspaper-icons.woff
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
5 KB 46ms
46ms Font
application/font-woff 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_f52220c6c39437807f65753b8c104652.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

Referer: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_f52220c6c39437807f65753b8c104652.css
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Jun 2022 11:04:25 GMT
server: cloudflare
age: 3041
etag: W/"1744-5e18e99cd87e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ojYFgfCqcX6u2LvIQ55k0%2FrYh3kR2LngOSQtgzo5p3AEDNpyFcBubMItH93osJrj1wyu1MB8zyBj7puSbTRd3b%2FYdCi9QqgFBFnPWxXCYBKVTt4GbpOvNYtDJ8R8gG44EWBtnyziL1Lyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 739238255ca9331c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 117 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 json Show response
trc.taboola.com/1400286/trc/3/ 2 KB
2 KB 69ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1400286/trc/3/json?tim=1660233995281&data=%7B%22id%22%3A908%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1660233995275%2C%22cv%22%3A%2220220807-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fall-news.co%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtdg-ismaillahri2685adv1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1660233995280%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fall-news.co%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A36%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1400286/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db91b786f6471090bf74e02f624d64cef9abf8e197d16ac84f339ebe4f12fcda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 28
date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: gzip
server: nginx
x-timer: S1660233995.318527,VS0,VE28
x-served-by: cache-cdg20771-CDG
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 85ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800%2C400&display=swap&ver=11.5.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 257210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:39:45 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 89ms
35ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1249665255&t=pageview&_s=1&dl=https%3A%2F%2Fall-news.co%2F&ul=en-us&de=UTF-8&dt=Home%20-%20all-news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1783822759&gjid=1588729340&cid=1251073223.1660233995&tid=UA-185019636-1&_gid=1935478291.1660233995&_r=1&_slc=1&z=1356723902

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 footer_bg.jpg
all-news.co/wp-content/uploads/2021/01/ 105 KB
105 KB 38ms
38ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107441
last-modified: Sat, 30 Jan 2021 22:15:20 GMT
server: cloudflare
etag: "1a3b1-5ba2574d2c0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfvD7EWbWXQnBzqZGfy4NyECw0%2Fk0mW5tF%2B89EghcTSgTly3hzmLLIKGAU2TaQxSIpqAd%2F%2BVUODLN4L5O2qKZKnOn8g1PJ6TPwTBfaGA3QV0zzltXJeWtbrn%2BoquHiO2PI9OWKvwVpeGKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73923827184f331c-CDG

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ 340 KB
120 KB 106ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f7ab3695b9693af03b131c382ca6f9314a85ed17826623718f5fbca42891e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122757
x-xss-protection: 0
server: cafe
etag: 13335619347251098927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 16:06:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/ Frame 91F0 10 KB
5 KB 86ms
24ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 10797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 13:06:38 GMT
etag: 8616628553774171045
expires: Thu, 25 Aug 2022 13:06:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 68ms
22ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-185019636-1&cid=1251073223.1660233995&jid=1783822759&gjid=1588729340&_gid=1935478291.1660233995&_u=IEBAAEAAAAAAAC~&z=6609257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Aug 2022 16:06:35 GMT
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
69 KB 60ms
33ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73923827ec939993-CDG
date: Thu, 11 Aug 2022 16:06:35 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 16
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 14 Aug 2022 16:06:35 GMT

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
466 B 96ms
22ms Script
application/javascript 2600:9000:223f:3600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 15300512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: anqHlrW_f5QcqIpxzmlqp3ALtXZ7QZ3QrhpSDKRKwW47Ryxx4YjqDw==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 106ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e5097b0534fd91802e31e67c33b67abf76a5345cff9f586c828859357fed1124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 159ms
34ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 91ms
33ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fall-news.co%2F&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F547 266 KB
64 KB 349ms
297ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1660233995&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233995378&bpp=3&bdt=573&idt=182&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=751529153382&frm=20&pv=2&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=202

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a49ff99d157b6fbbfb8f5c8eccc60cc6aa4bc5b744483a633a7ce2fbfdab682e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 64999
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:35 GMT
expires: Thu, 11 Aug 2022 16:06:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7621 81 KB
27 KB 379ms
349ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1660233995&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233995382&bpp=2&bdt=577&idt=209&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dBB25aCCSb&p=https%3A//all-news.co&dtd=216

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1f03f0e7d2bd999c152c1edfcb92a553f308819e61603b5ad1cb8a2470d8d5f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJiavMyVv_kCFdTDhwodN3oFCQ&gqi=Cyn1YoGpKJbxtge7s4ugAQ&layout=/sadbundle/%24csp%253Der3%24/11909705552629858304/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27254
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJiavMyVv_kCFdTDhwodN3oFCQ&gqi=Cyn1YoGpKJbxtge7s4ugAQ&layout=/sadbundle/%24csp%253Der3%24/11909705552629858304/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:35 GMT
expires: Thu, 11 Aug 2022 16:06:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/392339f7-d71c-4ce5-9621-025c65a4d04d/ 3 KB
2 KB 104ms
103ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/392339f7-d71c-4ce5-9621-025c65a4d04d/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25127443e590da6d2966c9962fd06795c091a52b79f51f79cc4031b10c8cdfeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 54
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 72ece282-70c4-4c6e-b488-8de7bee41037
x-runtime: 0.051363
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"25127443e590da6d2966c9962fd06795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 73923828ad733a99-CDG
access-control-allow-headers: SDK-Version
expires: Thu, 11 Aug 2022 17:06:35 GMT

POST
H3 200 v2touNXVMZstT-DXpvM_2OKzrRW8pxiDUh7IZIi0EjwMFAYVF116hxIAqk9r9HvuXBnoncVInTxqfNyviGWqq7XAwdtrQTi1ER9-GS0wyjdTn8_NRQBMyKZcPoVSIuxc1dIvqH04-5gG3GA Show response
steadfastsystem.com/ 209 B
236 B 79ms
38ms Fetch
application/json 2600:1901:0:6665::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2touNXVMZstT-DXpvM_2OKzrRW8pxiDUh7IZIi0EjwMFAYVF116hxIAqk9r9HvuXBnoncVInTxqfNyviGWqq7XAwdtrQTi1ER9-GS0wyjdTn8_NRQBMyKZcPoVSIuxc1dIvqH04-5gG3GA

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:6665::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b0b8d68ee522eab5df453cc36e65c38b1401a9c685a66d65226d8cf914e8c60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://all-news.co/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 609294353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
x-datacenter: gce-europe-west1
date: Thu, 11 Aug 2022 16:06:35 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-33r1
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 11 Aug 2022 16:06:34 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 36ms
36ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73923829682c9993-CDG
date: Thu, 11 Aug 2022 16:06:35 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3287
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 10 Sep 2022 16:06:35 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/392339f7-d71c-4ce5-9621-025c65a4d04d/ 44 B
615 B 135ms
110ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/392339f7-d71c-4ce5-9621-025c65a4d04d/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 13
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 17c8ad5c-9d4b-4c38-8fe5-9dc742f6e3d2
x-runtime: 0.012179
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cf-ray: 73923829fb9aedbf-CDG
access-control-allow-headers: SDK-Version

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ 150 KB
53 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74d47fba2c0983dadcb191c9e54d2cf825c2ace22275c8f520b843ddb86cb8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54583
x-xss-protection: 0
server: cafe
etag: 4482512096810478417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 16:06:35 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 86ms
34ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 86ms
34ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6DE 83 KB
31 KB 438ms
437ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1486646866&adf=3868016238&pi=t.aa~a.3562888699~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=3&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90&nras=2&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XfrBRunSxZ&p=https%3A//all-news.co&dtd=31

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28e90162c2ee0c01f7237e58072a0f98179535308493bee0ffa510c3f3ba3262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32042
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:36 GMT
expires: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AAF6 76 KB
25 KB 381ms
380ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3083838368&adf=3514746373&pi=t.aa~a.1157537243~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250&nras=3&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3WUgbc0pip&p=https%3A//all-news.co&dtd=91

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

509d11755767eb8abe14ce10d3d5a831aaa9f4992dcc74e88fcc05b6b4a69d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 25129
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:36 GMT
expires: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC42 100 KB
34 KB 381ms
381ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1025011851&adf=625758300&pi=t.aa~a.3633471688~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280&nras=4&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dXUjlj8tpB&p=https%3A//all-news.co&dtd=103

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

058d3b35b4292343c16a80a41294d2a485cd51fe9efd76505106be8c749e40c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34348
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:36 GMT
expires: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23FD 35 KB
13 KB 396ms
395ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2119830149&adf=26621657&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280&nras=5&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=45xEaQ73D9&p=https%3A//all-news.co&dtd=112

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f637d653071a3a5bb0ecee05d5361be344e21c91bc48c060aaad04b00dd909a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13451
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:36 GMT
expires: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4129 112 KB
42 KB 373ms
373ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ba8c722d5a1059950f09a12c68ec21022629d63bed45258a119f738785fc63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43239
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:36 GMT
expires: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/ Frame 93F1 243 KB
36 KB 90ms
30ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1660233995&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233995382&bpp=2&bdt=577&idt=209&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dBB25aCCSb&p=https%3A//all-news.co&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f5ec07520712ae6044d3d12eaac4fcdf6d6c5fd38e14f845396e97e57a458b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 208992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 35671
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 06:03:24 GMT
expires: Wed, 09 Aug 2023 06:03:24 GMT
last-modified: Tue, 19 Apr 2022 05:20:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7621 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcjTxCyn1YtjoK9SHnwS39JVIiMyy32j08Y2sww_kgrv7mgIQASDM0-yCAWD7AaABnbj72APIAQmpAgx4wEtnRZI-qAMByAMCqgTyAU_Q5lzoJSoXlan9cWw-YoOVg3yOm-kV9vaHy9XRkC5eBvp2gqG_nvmqeKCoksxvVhOvjJUZA_8T7EEJ9TR0xtB4RkRrzylVq34c4N_p7EKhevQhQsg3Bmi2waaU9WK6q-MrtFYLRGk3nh_rk6aHH3y-90D_YPsBciHx7wU67SLu5zxJjKHkScDmA_v-Tg4yErKTiSHbSOC1hSZDxDnzQP8dmEAWcXujt8fM4EzQKef0YEkG1IXMbWhoDqtt7ikHbFafxKuob7Ie_Tkz1-oor0tKrha_RR__Y-vl7f6RmE50wHpvyCHYhzVfN2HGrI1MqQaFwATxz_aT5AOSBQQIBBgBkgUECAUYBKAGXYAHy8eEJ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIXJAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=_74eCkJgo_I&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1660233995&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233995382&bpp=2&bdt=577&idt=209&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dBB25aCCSb&p=https%3A//all-news.co&dtd=216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 32FD 143 B
163 B 26ms
25ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1660233995&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233995382&bpp=2&bdt=577&idt=209&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dBB25aCCSb&p=https%3A//all-news.co&dtd=216
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 15:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 7621 3 KB
1 KB 85ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:04:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 7621 18 KB
8 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:59:14 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/ Frame D834 10 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 69486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 20:48:30 GMT
etag: 8616628553774171045
expires: Wed, 24 Aug 2022 20:48:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/ Frame 04BD 10 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 69486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 20:48:30 GMT
etag: 8616628553774171045
expires: Wed, 24 Aug 2022 20:48:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame D834 4 KB
636 B 131ms
55ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 14:39:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D834 205 B
742 B 115ms
24ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 14:13:34 GMT
x-content-type-options: nosniff
age: 6782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Aug 2023 14:13:34 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D834 604 B
694 B 117ms
26ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 14:27:02 GMT
x-content-type-options: nosniff
age: 5974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Aug 2023 14:27:02 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/ Frame D834 19 KB
8 KB 121ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aed0221fdf57f8ebfc72bbcf251a01c4eca732d1163931c2e1899c469df973f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0
server: cafe
etag: 6030533081903203837
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:21:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 04BD 4 KB
621 B 117ms
58ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 14:39:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 04BD 2 KB
902 B 122ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:00:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame 04BD 24 KB
10 KB 110ms
46ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:03:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 04BD 3 KB
1 KB 121ms
59ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:07:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04BD 140 KB
43 KB 169ms
162ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 04BD 18 KB
8 KB 112ms
51ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:05:20 GMT

GET
H2 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame 04BD 32 KB
13 KB 102ms
31ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 32FD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

56ms
56ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 16:06:36 GMT
expires: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7621 140 KB
43 KB 168ms
167ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
DATA 200
OK truncated
/ Frame 7621 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 014275f008a11c03b449443dc6089d26f57cfaccc9f03bc774fb7c70c7ea56c0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 93F1 2 KB
454 B 86ms
59ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:regular,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f64bb70b97dd6139b3567ecd0ce1ee23e8f04a8e4c3c82140262d1d365af90a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 16:02:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 93F1 16 KB
6 KB 87ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Aug 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 93F1 26 KB
10 KB 83ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Aug 2022 05:09:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7BCE 8 KB
893 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 14:40:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 7BCE 2 KB
902 B 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:00:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame 7BCE 24 KB
10 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:03:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 7BCE 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:07:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BCE 140 KB
43 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 7BCE 18 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:05:20 GMT

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame 7BCE 32 KB
13 KB 87ms
25ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H3 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame 93F1 26 KB
26 KB 39ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:regular,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 13:51:47 GMT
x-content-type-options: nosniff
age: 353689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26592
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:51:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E13 143 B
163 B 26ms
25ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 15:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C6DE 6 KB
672 B 45ms
43ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1486646866&adf=3868016238&pi=t.aa~a.3562888699~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=3&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90&nras=2&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XfrBRunSxZ&p=https%3A//all-news.co&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 14:39:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame C6DE 2 KB
902 B 27ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:00:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame C6DE 24 KB
10 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:03:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame C6DE 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:07:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6DE 140 KB
43 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame C6DE 18 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6DE 0
0 318ms
33ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSktOBeMobRCHnPPMuUR3Ctz27nDsLT4DKfj4zn2XqcdAb2AhJhMa4RpGtUscCwx4164_3x5otTFZh6eaPeFLH_cIL8KQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1486646866&adf=3868016238&pi=t.aa~a.3562888699~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=3&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90&nras=2&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XfrBRunSxZ&p=https%3A//all-news.co&dtd=31
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame C6DE 32 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H3 200 e9729a99e2ce9704c0788d1ab658d164.js Show response
www.gstatic.com/mysidia/ Frame AAF6 12 KB
5 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3083838368&adf=3514746373&pi=t.aa~a.1157537243~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250&nras=3&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3WUgbc0pip&p=https%3A//all-news.co&dtd=91

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4942
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H3 200 de03a69b80543f0fa8847e29147a30f0.js Show response
www.gstatic.com/mysidia/ Frame AAF6 11 KB
5 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4857
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AAF6 8 KB
893 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 14:39:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame AAF6 2 KB
912 B 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:00:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame AAF6 24 KB
10 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:03:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame AAF6 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:07:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAF6 140 KB
43 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame AAF6 18 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AAF6 0
0 33ms
32ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyg1rD4XC1YowxczjOCLR3VIZKKW7Fjqpt4TdcosseJhSTzv0Te2jDvnvvSvfGND4M3o4OHjf35ECMCAaA7nu3DW4cjQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3083838368&adf=3514746373&pi=t.aa~a.1157537243~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250&nras=3&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3WUgbc0pip&p=https%3A//all-news.co&dtd=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame AAF6 32 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6DE 0
0 74ms
73ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVfUjDCn1YpCVDM67nwSUw6SgA8WJkINr-oXI-c4Pk5ul7IMCEAEgzNPsggFg-wGgAYbvq5UCyAEJqAMByAPLBKoE-gFP0MExJJ9Uc34jyByi39teofg5BjGZ7sP76BlKlK6A9MmyoSrMWXzkMH1hZiqaYfZ6Ly1KhFDKiBgEX5MfSIlcAi9nLjdSv3BvqHxh1gjOFXyWodS-d9sonTDZbQ_yE905-JvSQvwC0mhgFkQG35uX7_6dxeBtNKEE-UwWQzLnkX0uwsZPBZuOdSem3a6_bIXXh0LUPhfns4_Qa5Cv-asCgIbZFIKRFtxWEtqAHNVm3bdv8nHGOxtHfrC8aIPZ0w83OYiuI3W-yHHxt5KjWTuv6Ey4q6ivSRfeR5ti_ZTUEhG3d6Rt36-H4BKCDUuEXUD8bHJZoiT_-XaiwASB5cyO_QOSBQQIBBgBkgUECAUYBKAGLoAH4pDU6gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCjpQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFATQFQGYFgGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=o34aa7XHIMk&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1486646866&adf=3868016238&pi=t.aa~a.3562888699~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=3&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90&nras=2&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XfrBRunSxZ&p=https%3A//all-news.co&dtd=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16092967956233063944/ Frame C6DE 18 KB
18 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16092967956233063944/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3653ad0a556bcc44098254e8c670b00f74c535ae3ca8ad8d14a0a8ea7370d7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 16:28:06 GMT
x-content-type-options: nosniff
age: 85110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18065
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 10:05:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Aug 2023 16:28:06 GMT

GET
DATA 200
OK truncated
/ Frame C6DE 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B73B 1 KB
749 B 26ms
25ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 7544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 14:00:52 GMT
etag: 48472445140208031
expires: Fri, 12 Aug 2022 14:00:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4438 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0017894202085bdaa7072b328cd5cae82afd6c78611ea6ddcdba732306c8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14174
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 08:28:37 GMT

GET
DATA 200
OK truncated
/ Frame C6DE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4c1def904b2b68d86e814646a40afe3c977ea37682982b539e99539202af8fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 clouds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/ Frame 93F1 4 KB
4 KB 26ms
26ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/clouds.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afa3239a04ca689d77b62d45f3bfcf66e8653a6847a5877a00a553257f38cebb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 209402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4019
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:20:55 GMT
server: sffe
date: Tue, 09 Aug 2022 05:56:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 05:56:34 GMT

GET
H3 200 Jetex-w.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/ Frame 93F1 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/Jetex-w.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34900ef5823ce7380ed18b7cabea4f295587bb779ed6118fbb35418c1b655970

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 209402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:20:55 GMT
server: sffe
date: Tue, 09 Aug 2022 05:56:34 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 05:56:34 GMT

GET
H3 200 Aircraft.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/ Frame 93F1 20 KB
20 KB 28ms
28ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11909705552629858304/Aircraft.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

784befbb2dad2ce737feba7c425d4a8ace17d6de93953350715acafdd8847e82

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 346245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20920
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:20:55 GMT
server: sffe
date: Sun, 07 Aug 2022 15:55:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 15:55:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6DE 15 KB
16 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 256904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6DE 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 257211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:39:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CC42 8 KB
893 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1025011851&adf=625758300&pi=t.aa~a.3633471688~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280&nras=4&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dXUjlj8tpB&p=https%3A//all-news.co&dtd=103

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 14:39:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame CC42 2 KB
902 B 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:00:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame CC42 24 KB
10 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:03:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame CC42 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:07:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC42 140 KB
43 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame CC42 18 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:05:20 GMT

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame CC42 32 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4129 8 KB
716 B 36ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 14:51:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4129 8 KB
716 B 42ms
40ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 14:47:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 4129 35 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb5ec5a7a298268b9656a461fa003aa1140dcc0165bc4bcd1fef3493eaa322f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14154
x-xss-protection: 0
server: cafe
etag: 2042476089749075943
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:55:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame 4129 24 KB
10 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 16:03:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 4129 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:07:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4129 140 KB
43 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 4129 18 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4129 0
0 33ms
32ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRd3FZ8UP7l3rI35LAryGHZcMdkdmYUb1RXqkuPH3PCXP6ORz3Khkd-NHGmKAOmMMoLLeaNoeGUVbJ2IpYOjNZhtUwN_A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC42 0
0 74ms
73ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0_EtDCn1YqKNDtDW1fAPot6AmAKr1863apqxvJHeD5aCzYWIFhABIMzT7IIBYPsBoAGbnKTQAcgBCagDAcgDywSqBPgBT9C881pVjk2yb6ldxMTb9yMQtrChzofQekNr-hMkA9hTIW9n9AhUj9gHL1kr_EJRKKMvZlAC0kpWor-vFGFqh-jDZiZtAh-1Oib-u7LugpP7cbuURDhisbYlETnyorOhDNAr4JaqYNoW8mxIU_HrIp58VGn3t446CmqDy6R4iCwB-tZru2gxXJG6dpfngw8NgWsMUzLoro0-Pbbwvst9XXrgMg6a-ZiYNnBT2ShD6Kgv7yeqo3gum6aOhYhTf1WIUNHqXOSTepskRFxEhq2u6vGfRnelRyPEgCrjqHIjmtl2XU6C4nWY3mEk09GqFgn9FvS_8sew32DABM2_4LzxA5IFBAgEGAGSBQQIBRgEoAYugAfN49uvAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEMVE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=HkXEtMQksxA&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1025011851&adf=625758300&pi=t.aa~a.3633471688~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280&nras=4&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dXUjlj8tpB&p=https%3A//all-news.co&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 16:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1400286/log/3/ 0
244 B 109ms
20ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1400286/log/3/unip?en=pre_d_eng_tb&tos=1669&scd=36&ssd=1&est=1660233995278&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1660233996948&vi=1660233995275&ri=ea1e7041f9ea3f15ee36eeca850fa9b4&ref=null&cv=20220807-3-RELEASE&item-url=https%3A%2F%2Fall-news.co%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1400286/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://all-news.co
pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2198527391268070399/ Frame CC42 14 KB
14 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2198527391268070399/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8fc6e2de45f47413a45c246e23286e1a588d4321ab5025203a8cc1e42b06f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 16:40:20 GMT
x-content-type-options: nosniff
age: 429976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14431
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 12:44:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Aug 2023 16:40:20 GMT

GET
DATA 200
OK truncated
/ Frame CC42 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CC42 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F6D0 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDqyoDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTgAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPgjQ0fxB_S95qaHxN48LuXAwSehZLvn85vyTwNQyz_Y58QdkRmWXgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=yL9E8fcpFv8&uach_m=[UACH]&cid=CAQSPACsnQUxfJ9lJKn3jHKl0ngWvCpOBrPAk9ZiONYwZcxLJx3Lt0MM64kcctk4L5RuV0uya6NL1qDR1KMKKRgB

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2119830149&adf=26621657&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280&nras=5&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=45xEaQ73D9&p=https%3A//all-news.co&dtd=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 16:06:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F6D0 0
0 84ms
30ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1ghe22qwvzjkm54ppc8vd220sr523e4zvjxham8y8h2a6d0tfzv0f9byknmn196ertntyf273gxbf46jd57nc4q1kbm251rerqacq6ssee5sxeg2h5td0mfdrttpdj9x3v5t6rhvzagsr5w2rfqwjjw0rp1djt1vnr9qzj20t9ms3ecfv927w7ygtkqpr3472r24akcrpmzfm3bs1jh7zwksmqbad1be07prnyyvdckqah1s97b1n6cfs9g85he0c3g4e7bff0m0te7th4jy7dvdg7dthwtw56505t0cmxcyv920s330rkfqvj9e2yjrdwgxtarx09ps7nz5h7sra919xfy2xw3mf0xw1j3rf3rgpkb947ab2js8d5mgnjeeb0cx31mma0n5d6aya9hm21fnjvgs8&b=YvUpDAAEZxUKh-UIAApbsA9uVnU2BDEU_wD42w
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 16:06:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame FB6A 2 KB
3 KB 138ms
77ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kkjmz0x9pr3hzt6dnryyzzbbya46aq3k4zk898y0qahwe266dvegahx5q2g6t3yq02w437sjaf0afaknqnw6vv2hrzdenh0xhvs81jfss1yrjp2kd091anky5g4vfycgyxw87fsgcqdkz5pg4yxe053jwb1np7h4zbrpppx9fne12y0mm1v8ej429de5jg94ft6t0q84p0cp9s9bz0xgmqcsp4bm4e1ja1d863pakeee0zm2r299c3b7x8fy8d1vn4w2097250trvq74qeanc20vjx8a175smbvgdb88ts7zv8aasa7g4r4ezd8fzp6xd2hbm37e503qb5c6gq6bxrxjf5sstvt4qyfyy9bdqvzhj7fgaf62e8gn95y2chq00fdvk5ekjmg474t9pmbs5xs5hbbc3qeyg5y1qnfz0xh6v024n236jjk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%26client%3Dca-pub-8439024877331049%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2119830149&adf=26621657&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280&nras=5&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=45xEaQ73D9&p=https%3A//all-news.co&dtd=112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11520a721aba930be241eee327d6bcab8709aef7d42439e3d2ceba7edf4c543e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 739238319d80cda7-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame F6D0 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:07:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0FEC 1 KB
749 B 24ms
24ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 7544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 14:00:52 GMT
etag: 48472445140208031
expires: Fri, 12 Aug 2022 14:00:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6D0 140 KB
43 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame F6D0 18 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F6D0 0
0 34ms
34ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrH6iW-xg8iMvXAhccQP5P-Qc3vC2s5J4q5l-BSSgTg5nTo6gTvt_m3_k7j61gpfZYnfILMkLwuzBMbAGsbor9hLTigg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2119830149&adf=26621657&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280&nras=5&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=45xEaQ73D9&p=https%3A//all-news.co&dtd=112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15133298075068839658/ Frame AAF6 2 KB
2 KB 26ms
25ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15133298075068839658/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e3d4a2cc549ba5e51867d426f3e98a0112231497f355dd1ec6815ba67f14dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 17:14:49 GMT
x-content-type-options: nosniff
age: 341508
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1912
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 17:06:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 17:14:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AAF6 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3qdiDCn1YuvqD8WRjvQPt7qpiAqjhJvMa6_8oP_xDtmN8K7NLxABIMzT7IIBYPsBoAGN7OTZAsgBAakCo5bEAn9Iqj6oAwGqBPgBT9DuvP17HCdpKT5WhA4MeiE0WEHu3nivjLtJfSQPU2RuO63zWTB8-eYF9O5r6JDYck3f5NwgfU1nbKjEZZ2DBCrzgZcH07-yeWMpvswXGHDJ5F7eduN5eJ7KF8GlTrLw05Mtlqq6RUG8s_mfRMYAyK2pPP82NvVDA2NlFe9r22dQ85ACGbgiYiW7Cy8wHsvx-HVuZmmgLughmqToEmvlVph8YufAYxc0XWpiqrkLrSpeVtrUbHc-zMI2EWjG4NqoWCZjAEaSRXkqnD212GKj-wO81B34-holegqv2WeqNuQylZy0K86ali4SlzldoWLWV_u72eCp90PABNC6nczmA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIm_AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQH0BUBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=QPF2U1XsVJ0&uach_m=[UACH]&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3083838368&adf=3514746373&pi=t.aa~a.1157537243~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250&nras=3&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3WUgbc0pip&p=https%3A//all-news.co&dtd=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 16:06:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E13
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

52ms
52ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 16:06:37 GMT
expires: Thu, 11 Aug 2022 16:06:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js Show response
pagead2.googlesyndication.com/bg/ Frame F01E 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0017894202085bdaa7072b328cd5cae82afd6c78611ea6ddcdba732306c8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14174
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 08:28:37 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4342469808852200983/ Frame 4129 44 KB
44 KB 81ms
81ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4342469808852200983/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIuAUQ7AIYASABLQAAAD8wuAU47AJFAACAPw&rs=AOga4qmOG1qc_XyTmyLsTERo0d4k5BlFmg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026e6849661295c6fd4047a30eeb8021fb094dfa93cd57b5e9c8827f99f90c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44641
x-xss-protection: 0
last-modified: Sun, 22 Mar 2020 15:22:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Aug 2023 16:06:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4129 0
0 71ms
70ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTAo2DCn1Yo33EYLmnQTH45XgDqOEm8xrq62ataAOyrqM8b4BEAEgzNPsggFg-wGgAY3s5NkCyAEGqQKjlsQCf0iqPqgDAcgDy4SAAqoE9wFP0GUT8D9VLz243cvwN5nwP6IyUKF9E7HlvKpDl1O8eSaJLEiC7_psJerlHdBUMdEx6r1yK0vvfGBP44eLuB6clxezu7iP9aR1370jQn37RbjnjVmOPMysborzTHe4GLv0Glr2POzN7NtYDU6A1q3bnsDe6okgcVb-M3VPeYmE2l4lwZ8o2pPIWk_VOZ-EbhnUJzl7vmMnhefSX0Z7f2FiA9HCctTf0ekU0jscUxLIK43lmwKoyE_2R_-aXUDjBDw-Qw8jlXoeIx88S2guxo2x47YengKwUwnqHUGtxEuB-ZJNzMq_Pjdz1MSVbNxA1Nll38C4y5iXwASwvp3M5gOSBQQIBBgBkgUECAUYBKAGN4AH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDqqgLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUCdAVAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=s69g6Veork0&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 16:06:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame B73B 35 B
464 B 94ms
27ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDwD1Neit05zqRTHzr-CbSo&google_cver=1&google_push=AehlK4Dwi_Qzz3UKUmPpyz_ti-V9YJikXq-kpCHq4cRJdpjmr9lKS0q4exDr_EGorbVT3ie4gpfItcAGuJ3owB3VfZjuQxtsClw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B73B
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DtqIyjbHFkbM-kAjj4dsvNVtoW_CzbjBw2Zqp...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZVcERRQUFBWUI3QmxDbg&google_push=AehlK4DtqIyjbHFkbM-kAjj4dsvNVtoW_CzbjBw2Zqp9-f4C7WJLFb_OHMlJRlPSumeV3oMDgdOKwQ_wXcVcdyQTPHBm-vtamIFq

170 B
188 B

76ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZVcERRQUFBWUI3QmxDbg&google_push=AehlK4DtqIyjbHFkbM-kAjj4dsvNVtoW_CzbjBw2Zqp9-f4C7WJLFb_OHMlJRlPSumeV3oMDgdOKwQ_wXcVcdyQTPHBm-vtamIFq

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZVcERRQUFBWUI3QmxDbg&google_push=AehlK4DtqIyjbHFkbM-kAjj4dsvNVtoW_CzbjBw2Zqp9-f4C7WJLFb_OHMlJRlPSumeV3oMDgdOKwQ_wXcVcdyQTPHBm-vtamIFq
Date: Thu, 11 Aug 2022 16:06:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B73B
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4D5mVx6sN4XTm-roAEXT1WkcaPzVN5LtE1S7-MUoWOEZjMoy_G7FMYRoSULER8_UAVmcYxXTXkv_b5JAtLlwspMcstWBnw&google_gid=CAESEEsX5MMgk2qFGAXO5CbXByM&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCI3S1JcGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BZWhsSzRENW1WeDZzTjRYVG0tcm9BRVhUMVdrY2FQelZONUx0RTFTNy1NVW9XT0Vaak1veV9HN0ZNWVJvU1VMRVI4X1VBVm1jWXhYVFhrdl9iNUpBdE...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMENYNWU1N3JDUEhYX2lPZWRkZGVNODJ3V0N2R3RXSVNqMWJVN2w0MERYMA==&google_push

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMENYNWU1N3JDUEhYX2lPZWRkZGVNODJ3V0N2R3RXSVNqMWJVN2w0MERYMA==&google_push

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 11 Aug 2022 16:06:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMENYNWU1N3JDUEhYX2lPZWRkZGVNODJ3V0N2R3RXSVNqMWJVN2w0MERYMA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame B73B 43 B
350 B 69ms
24ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEElUWiozd72ObI8IfLmRHbk&google_cver=1&google_push=AehlK4BcqGbkglFoW1D2IKaASh7YGFHQ1QI8ga3CzxbLxR7cnKd3RcAWjwZ1FgY-uinbC4qvuyVvaK9cKdwMP0wnKDxAZSdhPXdY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1486646866&adf=3868016238&pi=t.aa~a.3562888699~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=3&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90&nras=2&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XfrBRunSxZ&p=https%3A//all-news.co&dtd=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:36 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: dct88ca20ap8lu0rhkl3v951nqs1eoji

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B73B 0
166 B 70ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAokQ1veuC4DCK4u4-EPaYc&google_cver=1&google_push=AehlK4CnXpkqKe3sws1G9ubM7chJnBZItP9xkXZbVCY3ZwNHnhFyt9_gVS3HzqMKUaI4A7YylXXxuY16dVtKVjcMzvsMIkF7XU6m
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1486646866&adf=3868016238&pi=t.aa~a.3562888699~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=3&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90&nras=2&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XfrBRunSxZ&p=https%3A//all-news.co&dtd=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B73B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEHAbS8ddwXW4FV11us_6l0&google_cver=1&google_push=AehlK4CUrcJm_ErUmhc7rVgneUDaroS9koCD8bpdKZOhakx6lhE_lR2i2n-jaxhFG5wRL8JIsmm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdFWjUtMjctOFhBSA==&google_push=AehlK4CUrcJm_ErUmhc7rVgneUDaroS9koCD8bpdKZOhakx6lhE_lR2i2n-jaxhFG5wRL8JIsmmiw62efzIahcoap-YDm1xhnn04

170 B
188 B

91ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdFWjUtMjctOFhBSA==&google_push=AehlK4CUrcJm_ErUmhc7rVgneUDaroS9koCD8bpdKZOhakx6lhE_lR2i2n-jaxhFG5wRL8JIsmmiw62efzIahcoap-YDm1xhnn04

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdFWjUtMjctOFhBSA==&google_push=AehlK4CUrcJm_ErUmhc7rVgneUDaroS9koCD8bpdKZOhakx6lhE_lR2i2n-jaxhFG5wRL8JIsmmiw62efzIahcoap-YDm1xhnn04
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B73B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB1lEDfSvPF1vZBf9u9M7Zk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB1lEDfSvPF1vZBf9u9M7Zk&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB1lEDfSvPF1vZBf9u9M7Zk&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Bi61zs16yQUzYzD7wDs59GwiOJurhMZ...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB1lEDfSvPF1vZBf9u9M7Zk&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Bi61zs16yQUzYzD7wDs59GwiOJurhMZ1AH7qnd_C_E5uc4QPZfYB0BOHXs0gX-6oIN_pTUstCDLPS4hVculs76-7yeiok

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHViPPmqaw1ekeW%2FCn%2FVrTc1CdsEa%2FD4OJwN3FjV7CZcNQid%2FFO81pAR7xu4%2F%2BPt%2FYD9CNVwDf%2BJ0TDx%2FiE2j0g1wQgqQm6OYgjs1vvMXQMku8mRr2hcPXBZoblyn2Zmz78gl4CFMQ%2FOwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB1lEDfSvPF1vZBf9u9M7Zk&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Bi61zs16yQUzYzD7wDs59GwiOJurhMZ1AH7qnd_C_E5uc4QPZfYB0BOHXs0gX-6oIN_pTUstCDLPS4hVculs76-7yeiok
cache-control: no-cache
cf-ray: 73923834bacd331c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B73B 0
223 B 107ms
33ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I05ZvUWfAA_GwOw2Fda1e5tJiaQn2dV1UKy4eCrXLCjyWIGGFgvqm2hPOFhrIl5CuFxN4K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4129 15 KB
16 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 256905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4129 16 KB
16 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 270632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:56:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4129 15 KB
15 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 248322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 19:07:55 GMT

GET
DATA 200
OK truncated
/ Frame F6D0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9e650126217e279dd44e26f4284cba45b732fe7b4f4bb594b310abea0a34798

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0385 143 B
163 B 26ms
26ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 15:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 113E 1 KB
749 B 26ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 7545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 14:00:52 GMT
etag: 48472445140208031
expires: Fri, 12 Aug 2022 14:00:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4129 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a2550911a81c4dc34ecbf4464b91cf885d73fce88a927e31b8c6c59bc5e7bba

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E485 143 B
163 B 26ms
24ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3083838368&adf=3514746373&pi=t.aa~a.1157537243~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250&nras=3&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3WUgbc0pip&p=https%3A//all-news.co&dtd=91
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 15:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AC19 1 KB
749 B 27ms
24ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 7545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 14:00:52 GMT
etag: 48472445140208031
expires: Fri, 12 Aug 2022 14:00:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FCA6 1 KB
749 B 25ms
25ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 7545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 14:00:52 GMT
etag: 48472445140208031
expires: Fri, 12 Aug 2022 14:00:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AAF6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cae747a1fe244726a729c8a81f90c8a1129afae499e9d6b3337e8503cef5310c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CC42 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e57c7c9ee4e3b113fd51945d13d743f5a6b2f2e9f2e98d178b13347a4bd6ea93

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2ADE 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0017894202085bdaa7072b328cd5cae82afd6c78611ea6ddcdba732306c8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14174
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 08:28:37 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame FB6A 84 KB
11 KB 61ms
39ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kkjmz0x9pr3hzt6dnryyzzbbya46aq3k4zk898y0qahwe266dvegahx5q2g6t3yq02w437sjaf0afaknqnw6vv2hrzdenh0xhvs81jfss1yrjp2kd091anky5g4vfycgyxw87fsgcqdkz5pg4yxe053jwb1np7h4zbrpppx9fne12y0mm1v8ej429de5jg94ft6t0q84p0cp9s9bz0xgmqcsp4bm4e1ja1d863pakeee0zm2r299c3b7x8fy8d1vn4w2097250trvq74qeanc20vjx8a175smbvgdb88ts7zv8aasa7g4r4ezd8fzp6xd2hbm37e503qb5c6gq6bxrxjf5sstvt4qyfyy9bdqvzhj7fgaf62e8gn95y2chq00fdvk5ekjmg474t9pmbs5xs5hbbc3qeyg5y1qnfz0xh6v024n236jjk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%26client%3Dca-pub-8439024877331049%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kkjmz0x9pr3hzt6dnryyzzbbya46aq3k4zk898y0qahwe266dvegahx5q2g6t3yq02w437sjaf0afaknqnw6vv2hrzdenh0xhvs81jfss1yrjp2kd091anky5g4vfycgyxw87fsgcqdkz5pg4yxe053jwb1np7h4zbrpppx9fne12y0mm1v8ej429de5jg94ft6t0q84p0cp9s9bz0xgmqcsp4bm4e1ja1d863pakeee0zm2r299c3b7x8fy8d1vn4w2097250trvq74qeanc20vjx8a175smbvgdb88ts7zv8aasa7g4r4ezd8fzp6xd2hbm37e503qb5c6gq6bxrxjf5sstvt4qyfyy9bdqvzhj7fgaf62e8gn95y2chq00fdvk5ekjmg474t9pmbs5xs5hbbc3qeyg5y1qnfz0xh6v024n236jjk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 536931
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86749
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 05 Aug 2022 10:57:46 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 73923833893a40f3-CDG
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame FB6A 36 KB
13 KB 75ms
62ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kkjmz0x9pr3hzt6dnryyzzbbya46aq3k4zk898y0qahwe266dvegahx5q2g6t3yq02w437sjaf0afaknqnw6vv2hrzdenh0xhvs81jfss1yrjp2kd091anky5g4vfycgyxw87fsgcqdkz5pg4yxe053jwb1np7h4zbrpppx9fne12y0mm1v8ej429de5jg94ft6t0q84p0cp9s9bz0xgmqcsp4bm4e1ja1d863pakeee0zm2r299c3b7x8fy8d1vn4w2097250trvq74qeanc20vjx8a175smbvgdb88ts7zv8aasa7g4r4ezd8fzp6xd2hbm37e503qb5c6gq6bxrxjf5sstvt4qyfyy9bdqvzhj7fgaf62e8gn95y2chq00fdvk5ekjmg474t9pmbs5xs5hbbc3qeyg5y1qnfz0xh6v024n236jjk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=QLBs9A==, md5=pp9azZKJxl5nOXvhQrwsPw==
date: Thu, 11 Aug 2022 16:06:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19616
x-guploader-uploadid: ADPycdvjIS4WuNTms2QiKxGEak9xAbZ6zSRoS0rcZ2nXUSg90ezTQjg10F3u62OZJNICE1ww1NgESPuSHObU-4Kyo1GGD1Ve88AZ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc%2BU3UhKrLfeGT674b1fLFmexAg9MW2AziXVgaOon6fZVQv7NGqgWs494vsainry8ZEe3l0AkMGzHYVBw2ZYKTMYrh0%2FgMrY4ufz4oE0aDTpiHJzrtBCAkXGbYOXeCCjkzknaz8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1658918351642621
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11980
cf-ray: 739238337fa9cda7-CDG
expires: Thu, 11 Aug 2022 10:39:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FEC
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DmsjG0PP5KLc_F5JS_BBsbYcOX7msaJwk0j4X...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZVcERRQUFCUVo1QENINw&google_push=AehlK4DmsjG0PP5KLc_F5JS_BBsbYcOX7msaJwk0j4XEklnyCq7ZOgxuwl-wf4hnNworOfr5xoz06JbQwGHQ8PuSeUY6ZVBXYaju

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZVcERRQUFCUVo1QENINw&google_push=AehlK4DmsjG0PP5KLc_F5JS_BBsbYcOX7msaJwk0j4XEklnyCq7ZOgxuwl-wf4hnNworOfr5xoz06JbQwGHQ8PuSeUY6ZVBXYaju

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZVcERRQUFCUVo1QENINw&google_push=AehlK4DmsjG0PP5KLc_F5JS_BBsbYcOX7msaJwk0j4XEklnyCq7ZOgxuwl-wf4hnNworOfr5xoz06JbQwGHQ8PuSeUY6ZVBXYaju
Date: Thu, 11 Aug 2022 16:06:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FEC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECRNBNuZ21UbFFSpQo7mwlY&google_cver=1&google_push=AehlK4AZjIncmlZIEY6-ZAYgzdDXwNOatP-XAFwUHJEN-Pnaqi-NUc92ks9vY6Zzw9EO3_O-_fed8sc_xeRUrDHp2ZCaeKx3gr7b
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AZjIncmlZIEY6-ZAYgzdDXwNOatP-XAFwUHJEN-Pnaqi-NUc92ks9vY6Zzw9EO3_O-_fed8sc_xeRUrDHp2ZCaeKx3gr7b&google_hm=Q0FFU0VDUk5CTnVaMjFVY...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AZjIncmlZIEY6-ZAYgzdDXwNOatP-XAFwUHJEN-Pnaqi-NUc92ks9vY6Zzw9EO3_O-_fed8sc_xeRUrDHp2ZCaeKx3gr7b&google_hm=Q0FFU0VDUk5CTnVaMjFVYkZGU3BRbzdtd2xZ

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 16:06:37 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AZjIncmlZIEY6-ZAYgzdDXwNOatP-XAFwUHJEN-Pnaqi-NUc92ks9vY6Zzw9EO3_O-_fed8sc_xeRUrDHp2ZCaeKx3gr7b&google_hm=Q0FFU0VDUk5CTnVaMjFVYkZGU3BRbzdtd2xZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 0FEC 42 B
60 B 59ms
24ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4Be_FvNFYKMg2xD5KqBwk6YQ6wYTpS_tnE9teFAmM6Q5d5SJqZIMYOvJe13yBdjkNKNtI0vvQVI-ycmCfifY4xXPgPfGFQB&google_gid=CAESEFjbpN0o5wSmcOQ8D8TeVrw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2119830149&adf=26621657&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280&nras=5&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=45xEaQ73D9&p=https%3A//all-news.co&dtd=112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0FEC 0
41 B 19ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAhZiUEchPQd92mBisQkXhI&google_cver=1&google_push=AehlK4DdSu3VOjBNMwoeFQ0xRppop9OC0laqva9ED--qXROeXznwSS0ibxmarHxMV8pftMSyq1kWWS0LWaknDqjfbt4LZKRxgfQM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2119830149&adf=26621657&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280&nras=5&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=45xEaQ73D9&p=https%3A//all-news.co&dtd=112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame 0FEC 43 B
296 B 308ms
22ms Image
image/gif 2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBLf4iNTvD58-qJiXizP4Cg&google_cver=1&google_push=AehlK4BuVJoa2c_29x_3OXzzSEOVabjSO7DdQqu32ahmmfKq-lUcV1o1zAVUiIXfvqWJbpNPnU2Lg59KlGXb6Is2y1BRZMhrFVg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2119830149&adf=26621657&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280&nras=5&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=4816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=45xEaQ73D9&p=https%3A//all-news.co&dtd=112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 0FEC 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0FEC 0
12 B 79ms
33ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXZ0zS4Pik1KnnFDkk9HXZsCoaCWPG7lI_790hYIZKkclRu1eSHvYcG6tm0irhLsg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame AAF6 28 KB
28 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 70183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 20:36:54 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame CC42 28 KB
28 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 70183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 20:36:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 113E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPfO27qwtYHVXD4eJ1462OA&google_cver=1&google_push=AehlK4A_CcLEAqcnwwV8YkQpr_wLry7m_cdtTUAsqmY86h69LfBSMumLtq...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4A_CcLEAqcnwwV8YkQpr_wLry7m_cdtTUAsqmY86h69LfBSMumLtqE9s89aQuBmdT6YHqqQ_O2IMBjlbsHpTgxEcuo9N69J&google_hm=yWiFJFz31V26...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4A_CcLEAqcnwwV8YkQpr_wLry7m_cdtTUAsqmY86h69LfBSMumLtqE9s89aQuBmdT6YHqqQ_O2IMBjlbsHpTgxEcuo9N69J&google_hm=yWiFJFz31V26TdWODiefAQ

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4A_CcLEAqcnwwV8YkQpr_wLry7m_cdtTUAsqmY86h69LfBSMumLtqE9s89aQuBmdT6YHqqQ_O2IMBjlbsHpTgxEcuo9N69J&google_hm=yWiFJFz31V26TdWODiefAQ
pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 113E 42 B
60 B 30ms
27ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4CUEY8fhV2-tsG2wsxcl-vQLm00Uv5QFW1zOVjUl0gC6D2mzInYCJpZVQ-IXd78SSBVJBuqFLD8hu2ZOfSGlLqOkCKgFUTx&google_gid=CAESEHwe4tms7yggchLzf7BTtTQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 dds
rtb.openx.net/sync/ Frame 113E 43 B
64 B 47ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEIu7Es8KmNH-pY4GJWBRgk&google_cver=1&google_push=AehlK4B1u9PWDVe33R2lCO3IPG8DjsXsnivUxBDMhUif7knt8J20G0337t5XUhJrBSBRbnHGPyjcXoFWu-VdkLdT2u6xgrEc078F
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: q02t6imtaif1mrpn92c1n1rem9nfqvgk

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 113E 0
41 B 22ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDciLOKLfPMMq9T6pEs0xA4&google_cver=1&google_push=AehlK4AQ5Rl2UTwgxfxj0-jM3xZsO6tNH8eGvK6YFqNZjMddW_k4L6UKMD2AF2plRqPb7JnX5LctL9sHV7xukIILFMWmZT3eHw7f
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=545&adk=3041565072&adf=250173141&pi=t.aa~a.378903493~rp.4&w=696&lmt=1660233996&nsk=3f6d1b0b&rafmt=11&pwprc=3183826420&psa=0&ad_type=text_image&format=696x545&url=https%3A%2F%2Fall-news.co%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250&nras=6&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qjY3ScMach&p=https%3A//all-news.co&dtd=125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 113E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOqQIDV4CKfrGpqV06zExRQ&google_cver=1&google_push=AehlK4ABqOAvq5lDBWxjhV-51idQZQCMYl358iPAlBYn-GiAeFXSOj8X3CwoBx1f-3NsfG2VTl7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGM1gtMy1HS0tN&google_push=AehlK4ABqOAvq5lDBWxjhV-51idQZQCMYl358iPAlBYn-GiAeFXSOj8X3CwoBx1f-3NsfG2VTl7IvGVxHAeWcP1uUzjpJfVxDs1_

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGM1gtMy1HS0tN&google_push=AehlK4ABqOAvq5lDBWxjhV-51idQZQCMYl358iPAlBYn-GiAeFXSOj8X3CwoBx1f-3NsfG2VTl7IvGVxHAeWcP1uUzjpJfVxDs1_

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGM1gtMy1HS0tN&google_push=AehlK4ABqOAvq5lDBWxjhV-51idQZQCMYl358iPAlBYn-GiAeFXSOj8X3CwoBx1f-3NsfG2VTl7IvGVxHAeWcP1uUzjpJfVxDs1_
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 113E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJYJbyq0_uV6u2I-bh0Eyzs&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJYJbyq0_uV6u2I-bh0Eyzs&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJYJbyq0_uV6u2I-bh0Eyzs&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Cygdl1s1_AzYi1vbwVdgmdBlBW5H_CY...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJYJbyq0_uV6u2I-bh0Eyzs&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Cygdl1s1_AzYi1vbwVdgmdBlBW5H_CY8nYe1OMkIGLF4DocdKHgscF7VUyEdz9I3Qe2FdcYUXd6Fu1m9HPjy74TC8Hgr8

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paChnTduF9xvqWYiS3sQnCMJyRyqgN4lJDlF4%2BB8KIVocpyak%2BbPEnhay5%2FIhptLXRwlJaPDZXFYO9%2BnmVmctUjPtgxqLI33qdBz8086ZcgqtxLab7icI%2B7COq1U%2F0t1lLTgRzd6G3SEvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJYJbyq0_uV6u2I-bh0Eyzs&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Cygdl1s1_AzYi1vbwVdgmdBlBW5H_CY8nYe1OMkIGLF4DocdKHgscF7VUyEdz9I3Qe2FdcYUXd6Fu1m9HPjy74TC8Hgr8
cache-control: no-cache
cf-ray: 73923834bad3331c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 113E 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 113E 0
12 B 38ms
36ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJXo5a97awBgyJ-5ZQSUN61DfEaC8D3G6AOay99k8c_PGZWjUdG_Qbddi_9UnnT3zA4Pm_Lw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC19
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_QG3hDC5av8jZwThr6GuE&google_cver=1&google_push=AehlK4AFlLSL0Y6503utXFryVgqciCMU7-70mhh3mdDM9FQjFtmvfl5wj4...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4AFlLSL0Y6503utXFryVgqciCMU7-70mhh3mdDM9FQjFtmvfl5wj4FKX2_B8OJ-qOhr7MqdnoAo08MrNqKzkQRjP5eDFo8T&google_hm=yWiFJFz31V26...

170 B
188 B

37ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4AFlLSL0Y6503utXFryVgqciCMU7-70mhh3mdDM9FQjFtmvfl5wj4FKX2_B8OJ-qOhr7MqdnoAo08MrNqKzkQRjP5eDFo8T&google_hm=yWiFJFz31V26TdWODiefAQ

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4AFlLSL0Y6503utXFryVgqciCMU7-70mhh3mdDM9FQjFtmvfl5wj4FKX2_B8OJ-qOhr7MqdnoAo08MrNqKzkQRjP5eDFo8T&google_hm=yWiFJFz31V26TdWODiefAQ
pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC19
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BCjlGz...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BCjlGz...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTExNjA2MzgwMDA1ODMzOTUzMzY0Mw%3D%3D&google_push=AehlK4BCjlGzRzQ2gw23c3NbPSAu-7nqJg5oJo3q474Gh9ZSIx8C8H5l0M2IYmnTyUSild...

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTExNjA2MzgwMDA1ODMzOTUzMzY0Mw%3D%3D&google_push=AehlK4BCjlGzRzQ2gw23c3NbPSAu-7nqJg5oJo3q474Gh9ZSIx8C8H5l0M2IYmnTyUSild2lcQWEfW4iQS9Bljz4KYJEFyYyFdFP

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTExNjA2MzgwMDA1ODMzOTUzMzY0Mw%3D%3D&google_push=AehlK4BCjlGzRzQ2gw23c3NbPSAu-7nqJg5oJo3q474Gh9ZSIx8C8H5l0M2IYmnTyUSild2lcQWEfW4iQS9Bljz4KYJEFyYyFdFP
pragma: no-cache
date: Thu, 11 Aug 2022 16:06:38 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 11 Aug 2022 16:06:38 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame AC19 43 B
64 B 33ms
26ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEC7Awtav6K9cijuefPunXY0&google_cver=1&google_push=AehlK4AJJ0Ycne4aTiEZPCZ84-OsrRh7WAqZjdGcCPTooT5M_fPz9AWhTXNdMlw2DN0mLqZR8-FfsZrnJEuDmFQKeT1gJAaTMcY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3083838368&adf=3514746373&pi=t.aa~a.1157537243~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250&nras=3&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3WUgbc0pip&p=https%3A//all-news.co&dtd=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:36 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0pa6052s86gth2g0f8fuqpdcau60gbd6

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame AC19 0
41 B 26ms
23ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELuaK1fWLZl-Wz-8tVBYHJI&google_cver=1&google_push=AehlK4ByI9mGDx5dgdvC59SUU7gllzCYXAsGjhPySbps45QJMA3qldCYUSsDMkl50cqDEEvrRZ0bvrEdSKNrIZXe4kbZOxPNBoYi
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3083838368&adf=3514746373&pi=t.aa~a.1157537243~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=2&bdt=1275&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250&nras=3&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3WUgbc0pip&p=https%3A//all-news.co&dtd=91
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC19
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPj4hktXjORRTPFj3pYs45Y&google_cver=1&google_push=AehlK4AfOHkzlKSZSnk4yEVanmp7iMC2bUL_ZbWXi8-3gCsmb0GUsWD-8tSiTpN4syFKz9k0p2i...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGNkgtNC1KOENE&google_push=AehlK4AfOHkzlKSZSnk4yEVanmp7iMC2bUL_ZbWXi8-3gCsmb0GUsWD-8tSiTpN4syFKz9k0p2iE6Zx4iOxRExON9uHWpq_KuSo

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGNkgtNC1KOENE&google_push=AehlK4AfOHkzlKSZSnk4yEVanmp7iMC2bUL_ZbWXi8-3gCsmb0GUsWD-8tSiTpN4syFKz9k0p2iE6Zx4iOxRExON9uHWpq_KuSo

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGNkgtNC1KOENE&google_push=AehlK4AfOHkzlKSZSnk4yEVanmp7iMC2bUL_ZbWXi8-3gCsmb0GUsWD-8tSiTpN4syFKz9k0p2iE6Zx4iOxRExON9uHWpq_KuSo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC19
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOAMyn1lYSOdxepkYh_s_GM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOAMyn1lYSOdxepkYh_s_GM&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOAMyn1lYSOdxepkYh_s_GM&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Ds43Jl1U2ivyktU6xi-o5IXQiJ1M9W3...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOAMyn1lYSOdxepkYh_s_GM&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Ds43Jl1U2ivyktU6xi-o5IXQiJ1M9W3bv1Opio5KYZYH-SfYNQc4Po-JWhMdIwYIcIZLjrgq4kbajeHVpQjhqRREii97M

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0c6SVURFka7me1NZ26qwHrTU51DTZcEeNnNuQHcIEYtUv5lyq6Rvk8QaVk8i4GVAoAmzYfyNG0dzZjT2Ahwr5Pei%2Fzz%2ByLZtXU5EMNFCfeofOTYbVl8cv8MKLYooU8c4JFxxDBPe%2FfvhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOAMyn1lYSOdxepkYh_s_GM&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4Ds43Jl1U2ivyktU6xi-o5IXQiJ1M9W3bv1Opio5KYZYH-SfYNQc4Po-JWhMdIwYIcIZLjrgq4kbajeHVpQjhqRREii97M
cache-control: no-cache
cf-ray: 73923834bad6331c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame AC19 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AC19 0
12 B 34ms
32ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjBLW8OXsThoHzpOJfkVA6zPBvQ3S7pJJfhyF-MgcNarmdfatj9yQkj9pNbuSpSjwZPls8dw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FCA6
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELLI51pAmNigH7jV9orDL38&google_cver=1&google_push=AehlK4DWvdWPivl7zW3yXWzIU_Ki7c9pcT3ZwnMufV2SDqEoni9YV6k7J-...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DWvdWPivl7zW3yXWzIU_Ki7c9pcT3ZwnMufV2SDqEoni9YV6k7J-vk_CWq9bIY-hZ9Ht1jOJC10R87No2lhFkeGeeNiPFV&google_hm=yWiFJFz31V26...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DWvdWPivl7zW3yXWzIU_Ki7c9pcT3ZwnMufV2SDqEoni9YV6k7J-vk_CWq9bIY-hZ9Ht1jOJC10R87No2lhFkeGeeNiPFV&google_hm=yWiFJFz31V26TdWODiefAQ

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DWvdWPivl7zW3yXWzIU_Ki7c9pcT3ZwnMufV2SDqEoni9YV6k7J-vk_CWq9bIY-hZ9Ht1jOJC10R87No2lhFkeGeeNiPFV&google_hm=yWiFJFz31V26TdWODiefAQ
pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FCA6
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGriJSPDAxoniwagPvggPfA&google_cver=1&google_push=AehlK4ARlVXnfDmt22o6GBQ7AfTeSCmX5-3WXNjAqKAy2vLJMtuMHVUu9K2TeyliGtc6p9qD3txtAuHvQ8vF6Dytwk1ZhJ41Tm_l
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4ARlVXnfDmt22o6GBQ7AfTeSCmX5-3WXNjAqKAy2vLJMtuMHVUu9K2TeyliGtc6p9qD3txtAuHvQ8vF6Dytwk1ZhJ41Tm_l&google_hm=Q0FFU0VHcmlKU1BEQXhvb...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4ARlVXnfDmt22o6GBQ7AfTeSCmX5-3WXNjAqKAy2vLJMtuMHVUu9K2TeyliGtc6p9qD3txtAuHvQ8vF6Dytwk1ZhJ41Tm_l&google_hm=Q0FFU0VHcmlKU1BEQXhvbml3YWdQdmdnUGZB

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 16:06:36 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4ARlVXnfDmt22o6GBQ7AfTeSCmX5-3WXNjAqKAy2vLJMtuMHVUu9K2TeyliGtc6p9qD3txtAuHvQ8vF6Dytwk1ZhJ41Tm_l&google_hm=Q0FFU0VHcmlKU1BEQXhvbml3YWdQdmdnUGZB
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FCA6
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CyNsQG...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CyNsQG...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTExNjA2MzgwMDAxMjI5NjQxNDk0MQ%3D%3D&google_push=AehlK4CyNsQGbm2QRe1U_WpyTQXseipdgChfudjvOPoXlX-_sMir68xwoiqCY7akQ6uu6p...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTExNjA2MzgwMDAxMjI5NjQxNDk0MQ%3D%3D&google_push=AehlK4CyNsQGbm2QRe1U_WpyTQXseipdgChfudjvOPoXlX-_sMir68xwoiqCY7akQ6uu6pUx9LYLsDtRi7mODk8Afu0mB-S2ltU

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTExNjA2MzgwMDAxMjI5NjQxNDk0MQ%3D%3D&google_push=AehlK4CyNsQGbm2QRe1U_WpyTQXseipdgChfudjvOPoXlX-_sMir68xwoiqCY7akQ6uu6pUx9LYLsDtRi7mODk8Afu0mB-S2ltU
pragma: no-cache
date: Thu, 11 Aug 2022 16:06:38 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 11 Aug 2022 16:06:38 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame FCA6 43 B
64 B 26ms
24ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH0dZtdt0OJVgzH75tpIE5U&google_cver=1&google_push=AehlK4AUt4vGY2xxqtYEE1eg7jwLZ_fyhyOdHM7yxuGrc1BpkvNPRKCi0mj1Ex7uyZUx-eX-iZlWRQOhDXPYqk_wXPwoF-saMPrG
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1025011851&adf=625758300&pi=t.aa~a.3633471688~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280&nras=4&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dXUjlj8tpB&p=https%3A//all-news.co&dtd=103
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:36 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 6q1hdkjq7hst292539o1fpm1q7f2la97

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame FCA6 0
41 B 19ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECgBX6yVAMrZJyOmKreR8qI&google_cver=1&google_push=AehlK4Db68I1Ax1_JehxIyV3Nu9cS5zYEXAFeTiFiI_ojBnH9hgspYOoTf4sjmHpr7AEtoCBre_5GhtNCGxOuZjNGMB5HQ-ogws9
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1025011851&adf=625758300&pi=t.aa~a.3633471688~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1660233996&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233996080&bpp=1&bdt=1274&idt=-M&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280&nras=4&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dXUjlj8tpB&p=https%3A//all-news.co&dtd=103
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FCA6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAppUH-b2X8WM22kju4LekU&google_cver=1&google_push=AehlK4CvAJ3WhltL-fCD0TDj073SlgzQw22qvRh2yiB-v2kKMGpvMdjymKSrq8eRxmJb1Qzgibj...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGNzQtMUstNjVWMg==&google_push=AehlK4CvAJ3WhltL-fCD0TDj073SlgzQw22qvRh2yiB-v2kKMGpvMdjymKSrq8eRxmJb1Qzgibj3BknrmRA8zlD-4bzVLFGUb0U

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGNzQtMUstNjVWMg==&google_push=AehlK4CvAJ3WhltL-fCD0TDj073SlgzQw22qvRh2yiB-v2kKMGpvMdjymKSrq8eRxmJb1Qzgibj3BknrmRA8zlD-4bzVLFGUb0U

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQOEdGNzQtMUstNjVWMg==&google_push=AehlK4CvAJ3WhltL-fCD0TDj073SlgzQw22qvRh2yiB-v2kKMGpvMdjymKSrq8eRxmJb1Qzgibj3BknrmRA8zlD-4bzVLFGUb0U
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FCA6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHrpcMKeaXvJgjD7SFKE6WM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHrpcMKeaXvJgjD7SFKE6WM&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4DNpB-1uBnsKHA_WYMPCKObeRGS3LfoO...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHrpcMKeaXvJgjD7SFKE6WM&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4DNpB-1uBnsKHA_WYMPCKObeRGS3LfoOg14rSB_ZCDPKt_7LqJJp25BiJ0OR58kbFJecJ-7XnVsXPu3KyWx2W-31o2J1Zth

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUHkuWTENsyhGOjoTTP4ZE1klYGmC5EYYYiq5sLkGyDTnpN%2Fx4swUPPT43v5CiLPTZc1LNIZWzZzMGxpQkDt8NtABVnyQZM%2BTCsNlfrQxTbykXCJ8qUX8OVSJTW5HgirK77bZ%2BxsLv9v7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHrpcMKeaXvJgjD7SFKE6WM&google_hm=YvUpDQ_Diiy6Dgi4k50OFQAABK4AAAAB&google_nid=index&google_push=AehlK4DNpB-1uBnsKHA_WYMPCKObeRGS3LfoOg14rSB_ZCDPKt_7LqJJp25BiJ0OR58kbFJecJ-7XnVsXPu3KyWx2W-31o2J1Zth
cache-control: no-cache
cf-ray: 73923834bad0331c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FCA6 0
12 B 34ms
33ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITEvgZVhlkZ5ze5IoDMQF6lxgxJCvUCn0FgYF85jIHK_8vSVdn7jdCyV3Z3MtBEbPYPYTN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0385
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

44ms
44ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 16:06:37 GMT
expires: Thu, 11 Aug 2022 16:06:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js Show response
pagead2.googlesyndication.com/bg/ Frame EFC1 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0017894202085bdaa7072b328cd5cae82afd6c78611ea6ddcdba732306c8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14174
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 08:28:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E485
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

58ms
57ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 16:06:37 GMT
expires: Thu, 11 Aug 2022 16:06:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js Show response
pagead2.googlesyndication.com/bg/ Frame E825 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0017894202085bdaa7072b328cd5cae82afd6c78611ea6ddcdba732306c8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14174
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 08:28:37 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame FB6A 3 KB
4 KB 101ms
41ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5455614
x-guploader-uploadid: ABg5-UzDXz48Jp5FL0TmyQDSscMPwQiKL8JA4FKbkcP1npkz9mbjqsx6NGoabUShkVVvzmaj0A5RwcAjwhv-JhQocsL5sa0hzg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxqAfznYup4hUu1rSM7xe796v3KfE9%2BGRu%2BPmT0Xxn51DmkCUzRf2puEKxNOE62jayllmSzllxh%2FYLxfZJ3Mnjc84vklvzlvDimjQkSOfKf5OA9tlVnlNY64vnJVg0vougTcyx%2BjnUr3YpsOu%2B6jefFt"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 739238352a5f99dc-CDG
expires: Fri, 09 Jun 2023 12:39:43 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 6208 2 KB
2 KB 33ms
31ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1094913
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 73923834dc3240f3-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 11 Aug 2022 16:06:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 11 Aug 2022 17:06:37 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpAwRFFCcr7cmNMrl79UWofW0QJuMFELDlzU%2F5V1RQMPYLcB1Td%2BM0kEtO8er9E6SKlY%2FRRk1hgv1zyGxxutZ09R%2BSznsiqWQs4o4CF8VGBF22QPCO4UvZIva2xatL2chh8XVek%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdvvtSIAwsCmiM-QNfjU4V1IkNqaQClE4RrhA81LOeMfWEq6Es7rtcmMgv5r6VPQvchA57U4Y0qySTbEmuxJwzI

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6D0 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=bdt.1274,req.112,bpp.1,fb.898,e2e.1608,fs.-1660233996080,reqs.-1660233996080,ress.-1660233996080,rese.895&e=&id=csi_pagead&gqid=DCn1YqWWDoTetgfw4JLgDA&qqid=CJWE38yVv_kCFQjlhwodsFsKfQ&rt=lb.218,ol.710

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7DE2 84 KB
29 KB 505ms
505ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1291961522&adf=278409778&pi=t.ma~as.9785579158&w=300&lmt=1660233997&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233997691&bpp=2&bdt=2885&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250%2C696x545%2C1600x1200%2C1005x124&nras=8&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&psts=AEC3cPLxCJJ1QaGOk3SaMicJmWUjm0bEFMh7iLYFN3NANOXwNaJrKaz25E2Hz4YMUMPOboTpSc1fPulmU8l7zA%2CAEC3cPJWj2IGbg25dM-jmi1Hnu5ep3PINBNbZYhRf0dQ09zH1KRq1olK1WkCTHnAB3qSuqxBhEqVfzi1jGOad2LRo4_rjGTe8obZ68djPbMwS74%2CAEC3cPLddDbp3_eLId_CsRHAY_zABLpx-CmyBc2l4RMv73LSenQXgygdcRZR_BSHuLKpZFSU8OOQ0kxRSE3Os7ZdgQ%2CAEC3cPLEDXYGTDWsXzUe6Tqo5v0Bb2-VUzkIF0JbyNWfcLl_TNzk79HOg25rcDomzVqCrz-Blz-ezSSjatBGHjH4ug%2CAEC3cPIhjnHNlFiIXOX5-E1ptaUXjYBGFVZ53w_0wVAdl_IsxrfNb6NhJpjd7LlEOG_KaR9rGesSyP1mMl56-ux5iA%2CAEC3cPJoLxUHUqhJtrk2Li3Bg1oGIqlR7J5j1HwTJkbChJpX7LDvnGQgTBWFxo2MeWRMhklyYv-yzvGgWowYtYKBxQ&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=t1PWqTpn0W&p=https%3A//all-news.co&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5d79e3c7c7f87c66bcf8c92aa154e81f76f2af09f4b2ecdd8efd95b801c7198

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPy4u82Vv_kCFeKHgwgdIcAGdw&gqi=DSn1Yru4LZqytwfY7JzIDg&layout=/sadbundle/%24csp%253Der3%24/17064940463162654720/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 29236
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPy4u82Vv_kCFeKHgwgdIcAGdw&gqi=DSn1Yru4LZqytwfY7JzIDg&layout=/sadbundle/%24csp%253Der3%24/17064940463162654720/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 12358-field-of-dreams-game-2022-minor-leaguers-get-their-night-on-big-stage-696x392.jpg
all-news.co/wp-content/uploads/2022/08/ 66 KB
67 KB 28ms
27ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12358-field-of-dreams-game-2022-minor-leaguers-get-their-night-on-big-stage-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e3444c9fec33f6c5a69598d306a01245f134f0eb48be464f1305a6d78413a0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67671
last-modified: Thu, 11 Aug 2022 13:24:57 GMT
server: cloudflare
etag: "10857-5e5f717831fa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXlzi%2FMzKoJKW%2FsNwY5knziCuxjbFS4KuBVfjDrXbLsp2lfNYsAv4DOhkPuhrYzm8zUI1Nk%2BMbMeQeH%2BPnpIfge22SgohlTizRmer8OPiPNjRzKXIt5NB%2FU5UZXYbWxoQ0EKGM5nV0E7tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 739238360d6f331c-CDG

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 133ms
79ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad4ee67a5fb59344e9bb3b11f94b003bd98a82ff3a0d48ae84b763440bbfa4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 16:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11035
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7621 42 B
64 B 102ms
62ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLB_0ptfOxk_hfW_HbjD8cFbvx24Y7z-GYA0gQ2Tx_Ip1qYj0VtMBmHqJqCb1TrP5yXEVfCO9-3leAC-TyGWfCYi3IJJxdE0vOe1Wf2NsX2uhiE4FwHc4uZzDAWqz2v2xZdItSWLkJBt3Y&sai=AMfl-YT5BVS1N3Xr13VKDdKYp2V9Ep-amdzyb7ZRuvfhRhvUxkvLSRT6_jYia9mc20kJp1knTCpyeaBOvSa8&sig=Cg0ArKJSzIwsj0zFjyx4EAE&id=lidar2&mcvt=1040&p=0,0,90,728&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2672234074&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660233995599&rpt=1075&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame FB6A 1 KB
2 KB 53ms
52ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f5b89968ae14f5b7dac04533bc881bf477f0ae92c7fa4fac73a172a5bae01e

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 739238369c67cdb7-CDG
date: Thu, 11 Aug 2022 16:06:37 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtdiUlx6ug1K7Pq8sSaTu5eE06OBwDE96qA8bkW2Sy%2BSDwyMxDgA7WBN3OsT%2F8jDOCZQUFIJCanWTNDVRyMpa0BTeLgF3KaE2ipMRixjf%2FmObRZcB26xj7rABYeDTJPi8vqs%2Bx4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 66ms
43ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 739238365c15cdb7-CDG
content-length: 24
content-type: text/plain
date: Thu, 11 Aug 2022 16:06:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYwzJ%2BQh5BU%2F1rxU0wKpWFjvAfOtxqNeaVIfrw731zeEYPK1dz64iPBliMz1HvCfXqEAUd2%2BgDSXDmgls1Z9fb76Ihj9Dybh60dV2SCQWPnLG1Ej21NhY0lzvI7VfT4yq%2BjCROw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

GET
H3 200 12354-real-madrid-wins-uefa-super-cup-ties-barcelona-milans-record-696x392.jpg
all-news.co/wp-content/uploads/2022/08/ 48 KB
48 KB 43ms
43ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12354-real-madrid-wins-uefa-super-cup-ties-barcelona-milans-record-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d8c70039b85bb6d753a49d642e0a404da528e9a8009c7febe47da70303464d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48900
last-modified: Thu, 11 Aug 2022 08:24:54 GMT
server: cloudflare
etag: "bf04-5e5f2e6706d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqxKH%2FuZpk8oPfVhKIFmoC30phftjfq0rngNzhS8O2F2iMiINcqZk4pPe%2FKIPwIWLuS8jbJRI4yZ807CXAyikTTkfTOh8UTHLTqyVuloE97Bc1eXUcIbjYYs4RGEPImgeJ40KtiYdPsnWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 739238362dc0331c-CDG

GET
H3 200 12352-study-reveals-how-the-ovarian-reserve-is-established-696x392.jpg
all-news.co/wp-content/uploads/2022/08/ 40 KB
40 KB 40ms
39ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12352-study-reveals-how-the-ovarian-reserve-is-established-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d64fce2b1565ec6607861ed739a0becf4e6a25d35c16ac03150a4600f089a8b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40467
last-modified: Thu, 11 Aug 2022 08:24:49 GMT
server: cloudflare
etag: "9e13-5e5f2e62853d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pngC45QmoumoS9%2FPiDlHZM%2BGmcmJWMRSxobQZ3er0P8TcTf6EqhDv8c6dj%2B6e1AgiYN8w7y%2FEgPBC1uK2bZz5f5orqEJ4dc2xt9opwEjyfwOQ9WQkKiKs4M%2BY5HjCiSt%2FkxMFeFblaEtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 739238364e00331c-CDG

GET
H3 200 12356-from-the-courtroom-to-the-course-everything-you-need-to-know-about-the-fedex-cup-playoffs.jpg
all-news.co/wp-content/uploads/2022/08/ 33 KB
34 KB 30ms
30ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12356-from-the-courtroom-to-the-course-everything-you-need-to-know-about-the-fedex-cup-playoffs.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec5a058907d4794714bc46cadfe5cfd70eaa4678780de41d326ff8f3f74ba82

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34156
last-modified: Thu, 11 Aug 2022 13:24:50 GMT
server: cloudflare
etag: "856c-5e5f71719c696"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoY7CEJbCIhA8wMAYM8fu%2BckWB0Hx%2BNOZmD%2FNZR7sC1bspNiBG0qEhlP%2Fvy58wyqswsHNwDXJ5BxD3QeaOGUKO7TXZ1wZdODixuV4psrVWE6aBJTjmBs1S2LiqPFSogcp8etsxk7P5fcUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 739238366e37331c-CDG

GET
H3 200 12350-silva-tells-critics-put-respect-on-man-citys-name-opens-up-on-future-amid-barca-links-696x392.jpg
all-news.co/wp-content/uploads/2022/08/ 29 KB
29 KB 45ms
44ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12350-silva-tells-critics-put-respect-on-man-citys-name-opens-up-on-future-amid-barca-links-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50c8b215ca11ee0372e0a9777be86faf6f8284e62696f1b48fdebc7362a2c3b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29432
last-modified: Thu, 11 Aug 2022 08:24:43 GMT
server: cloudflare
etag: "72f8-5e5f2e5c41377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZzq6A7N2rZvAZXdKTXI%2Bk6sX%2BVWQW152cyxRIm3LubUwzrW1gB5LXOxzdI29a7K1XH3uOhvS4vGMnZKM7n1mm5gO%2F1mIw0FtlDlVgUa%2FgS1J5ysHd%2F75lBAgVIL0uKdY1FTSNhLPUw42Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 739238368e79331c-CDG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12358-field-of-dreams-game-2022-minor-leaguers-get-their-night-on-big-stage-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e3444c9fec33f6c5a69598d306a01245f134f0eb48be464f1305a6d78413a0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67671
last-modified: Thu, 11 Aug 2022 13:24:57 GMT
server: cloudflare
etag: "10857-5e5f717831fa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9nrhhwXwm8ZO2aF%2BkXjWGqXeN2XaRt22v0bQbOU8YKgs6nQxhFk%2Fd6dIwtBsbkSITKgbgiEJZmvbhOGPS%2BrvJ5D%2BK1ncybA84EFsWbqmVtKccjXFiJLM6sF4HQZNk%2BDxWhZucfONgSjrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73923836beda331c-CDG

GET
H3 200 12354-real-madrid-wins-uefa-super-cup-ties-barcelona-milans-record-696x392.jpg
all-news.co/wp-content/uploads/2022/08/ 48 KB
48 KB 30ms
29ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12354-real-madrid-wins-uefa-super-cup-ties-barcelona-milans-record-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d8c70039b85bb6d753a49d642e0a404da528e9a8009c7febe47da70303464d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48900
last-modified: Thu, 11 Aug 2022 08:24:54 GMT
server: cloudflare
etag: "bf04-5e5f2e6706d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOjThF8Gfzk6tVJkdgvZxgRZlZnlcxuDliV2Y4ZWCTuc0HjurGzjuFYCRdO0adj9XU0F4yNSt0BX8yuNyy63AygzkZp6NmPB%2FJK8sK6P1iy0pFMIE%2FMDFTFj9lDE%2B%2FEdABlKBlLFS7Go0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73923836df0b331c-CDG

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 125ms
125ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:38 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1264 9 KB
4 KB 52ms
52ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdcb8a465eeecdf05396afea1ee8064569359f80ff8560ec74016597792efa94

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kkjmz0x9pr3hzt6dnryyzzbbya46aq3k4zk898y0qahwe266dvegahx5q2g6t3yq02w437sjaf0afaknqnw6vv2hrzdenh0xhvs81jfss1yrjp2kd091anky5g4vfycgyxw87fsgcqdkz5pg4yxe053jwb1np7h4zbrpppx9fne12y0mm1v8ej429de5jg94ft6t0q84p0cp9s9bz0xgmqcsp4bm4e1ja1d863pakeee0zm2r299c3b7x8fy8d1vn4w2097250trvq74qeanc20vjx8a175smbvgdb88ts7zv8aasa7g4r4ezd8fzp6xd2hbm37e503qb5c6gq6bxrxjf5sstvt4qyfyy9bdqvzhj7fgaf62e8gn95y2chq00fdvk5ekjmg474t9pmbs5xs5hbbc3qeyg5y1qnfz0xh6v024n236jjk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%26client%3Dca-pub-8439024877331049%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73923836f8bf40f3-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 12352-study-reveals-how-the-ovarian-reserve-is-established-696x392.jpg
all-news.co/wp-content/uploads/2022/08/ 40 KB
40 KB 32ms
32ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12352-study-reveals-how-the-ovarian-reserve-is-established-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d64fce2b1565ec6607861ed739a0becf4e6a25d35c16ac03150a4600f089a8b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40467
last-modified: Thu, 11 Aug 2022 08:24:49 GMT
server: cloudflare
etag: "9e13-5e5f2e62853d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2PAdwU%2BTqfvNCNzokxqo1eiBuPUwO0hm54ePQ1ABA9FfRHdwfOnoUkfzZPa35beso1pArwAWrE8LyrUMTvoyiwKNWXYXrbLmrvUxffrjwgZDfOUnlpQbW8n3hnzM6XdpuHJ8ytaYwcM5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73923836ff4c331c-CDG

GET
H3 200 12358-field-of-dreams-game-2022-minor-leaguers-get-their-night-on-big-stage-324x235.jpg
all-news.co/wp-content/uploads/2022/08/ 21 KB
22 KB 54ms
54ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12358-field-of-dreams-game-2022-minor-leaguers-get-their-night-on-big-stage-324x235.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf73d3e7f3d6622a708753711629c96ae742c5984b6a23417e3aee4f4055b14c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21848
last-modified: Thu, 11 Aug 2022 13:24:58 GMT
server: cloudflare
etag: "5558-5e5f7178c10bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvoTRbakwqOWPMm2nI7cNT55ORJzeluNn2FjlFsdYV834bugGDNqXZDBU7zOM8UePAlbpNm7fNuRLXDgOT4YRQang12nYC%2BZylCpPmxQlDbQCT4fSnLjVYpn2Ls6eCU2qxN2Hx50CvCDxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 739238370f73331c-CDG

GET
H3 200 12356-from-the-courtroom-to-the-course-everything-you-need-to-know-about-the-fedex-cup-playoffs.jpg
all-news.co/wp-content/uploads/2022/08/ 33 KB
34 KB 49ms
48ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12356-from-the-courtroom-to-the-course-everything-you-need-to-know-about-the-fedex-cup-playoffs.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec5a058907d4794714bc46cadfe5cfd70eaa4678780de41d326ff8f3f74ba82

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34156
last-modified: Thu, 11 Aug 2022 13:24:50 GMT
server: cloudflare
etag: "856c-5e5f71719c696"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGWg7qYREuknZuyKIs3ip01SPI569PHah9riKf%2FSwXVt%2FA0HHcj9C051MHMr7mTG1Wqatm5yOn%2BX%2FzkX3ItXLyCOsRw%2FfGa2K%2Fg1DP9%2FlDR0QjM1%2BvhT%2B1CbRPG6wdbPMS37JuyVyL6Lvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 739238370f8f331c-CDG

GET
H3 200 12350-silva-tells-critics-put-respect-on-man-citys-name-opens-up-on-future-amid-barca-links-696x392.jpg
all-news.co/wp-content/uploads/2022/08/ 29 KB
29 KB 29ms
29ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/08/12350-silva-tells-critics-put-respect-on-man-citys-name-opens-up-on-future-amid-barca-links-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50c8b215ca11ee0372e0a9777be86faf6f8284e62696f1b48fdebc7362a2c3b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29432
last-modified: Thu, 11 Aug 2022 08:24:43 GMT
server: cloudflare
etag: "72f8-5e5f2e5c41377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4xEconO5T1zhpnzJKNbmxOuqq%2BSWmFPv5sfE93tvK5JVHFQWhMHN1SFQ8Poeol2CuePQL25bxYaQid%2BNV%2BtpDsCBmVmxqGz0xFOKr3QANziuvAgktmts%2B3g53t10IVV6tp6Tf0ybeg1OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 739238374ff4331c-CDG

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 1264 84 KB
11 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 536931
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86749
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 05 Aug 2022 10:57:46 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 73923837597940f3-CDG
cf-bgj: minify

GET
H2 200 B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
assets.ad4m.at/logo/ Frame 1264 3 KB
4 KB 78ms
68ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=93U/fw==, md5=2rbgfMDdrjDO6X9H8e1xjA==
date: Thu, 11 Aug 2022 16:06:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82950
cf-polished: origFmt=png, origSize=14458
x-guploader-uploadid: ADPycdtzl3i2GXXwsjHi1yo6JdNVw70pWd3p_t718tzeVgtLMq02PyoPNA7lOqo2hzXo4YpDRBbyEFwXvNOgBkeWpQdgsAwxZiO5
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3490
last-modified: Fri, 07 May 2021 10:01:33 GMT
server: cloudflare
etag: "dab6e07cc0ddae30cee97f47f1ed718c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP3JKi2JlODvMDcfg8cYzSuJSAvHx7GPR3rEe60HXqys7WfwrMXuof0N9qCGqBuhyMKypiLrL0XHHFKkPgKeUCzPmJv0mhJIP05UwFZz0zxwY3m%2Fohn5mqfSE3phq%2FuzhRvbWFiuLIsvuQz4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620381693272676
content-type: image/webp
expires: Fri, 12 Aug 2022 16:06:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 14458
accept-ranges: bytes
cf-ray: 739238376cc0cda7-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame 1264 66 KB
67 KB 57ms
50ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=R/RcbQ==, md5=CU+RK8xj7vzD5US578iNWw==
date: Thu, 11 Aug 2022 16:06:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84552
cf-polished: origFmt=png, origSize=142926
x-guploader-uploadid: ADPycdvUgq55kOmWg77oMfMbsfuqH-4Jg1R2fzTOnhNy0lcrYdOkLC4AjujLqfLVB5tTLSTZ9QFonk7C91tQ8JfcQwq6_w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67486
last-modified: Fri, 07 May 2021 09:55:07 GMT
server: cloudflare
etag: "094f912bcc63eefcc3e544b9efc88d5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2F2XTHKv5yFk1zAjtM63AVUamU22ePiW2lrZhoFPYDx2rWt3YJHbF6nahOZmg3JMEZvfz5Bs%2F2vNMMo0zeDTQ8dudkYtqCIrPYo8rCs%2FaenYTg9i29D64n4Tr5wmx2XnWQjIFo1p3bhXF6mt"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620381307305670
content-type: image/webp
expires: Fri, 12 Aug 2022 16:06:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 142926
accept-ranges: bytes
cf-ray: 739238376ce1cda7-CDG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK /
jpp.aircaraibes.com/ Frame 1264 43 B
2 KB 147ms
28ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 16:06:38 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0059530735015869
Connection: close
Pragma: no-cache
X-TRK-PROC: 70235
Last-Modified: Thu, 11 Aug 2022 16:06:38 GMT
Server: nginx
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 1264 14 KB
15 KB 76ms
69ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=9rTT4A==, md5=FU+2YjnmUM8nZKlrNfDZIQ==
date: Thu, 11 Aug 2022 16:06:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82310
cf-polished: qual=85, origFmt=jpeg, origSize=19949
x-guploader-uploadid: ADPycdvPNNMAWqR0i7LgggsG3LNjSuWN2UhViJQUzZPaAG-MudlYsBrWqbJs71j6KUi-YqAg4ofH0vk86Msn8NMnpzgVBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKHBQd8fjRSjm%2Bnq4jfBINkLgTk0QjQ4ibblm7ndohlkzZ%2Ba95ypsAAM5mjRrqQ0rfb7WVbU%2B9p7fUh81RcuWLNMrB3%2B%2B641xb0xQwH1xYikvWVDPdrlFgKRApATBsJXxXN9MA1Hl1WQ2YSX"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579253438244940
content-type: image/webp
expires: Fri, 12 Aug 2022 16:06:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 19949
accept-ranges: bytes
cf-ray: 739238376cbccda7-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 1264 274 KB
275 KB 77ms
70ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=hlD5IA==, md5=9kmh0Tk8JUGH0VOXo/+JGw==
date: Thu, 11 Aug 2022 16:06:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75207
cf-polished: origFmt=png, origSize=547949
x-guploader-uploadid: ADPycduLbwbIqmsmDezhLoF-KD2v8dE7Hd8fZ5lNqvRHllDeoq-UI3ayx50UKnp3iDqpUl077ddLe4Dnzpx7-5me8PklkFqTzZiU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIlw8lhbMU6yJ2BGrHwULjkHQNB6OTi4QtJ1RspqiYoQslDojjoBO9bUzTmm%2BextJFzLnB0ceqZ4o8qKQNuJk36cAEBNuufnChJLvqH4qs7gT4S1ZP%2BuyAlNPMuubxH4VKUXz3h2yt8k1x9C"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1578324855822222
content-type: image/webp
expires: Fri, 12 Aug 2022 16:06:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 547949
accept-ranges: bytes
cf-ray: 739238376cc4cda7-CDG
cf-bgj: imgq:85,h2pri

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame 1264
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

124ms
18ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:38 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 1516
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
content-length: 135736

Redirect headers

Date: Thu, 11 Aug 2022 16:06:38 GMT
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0063009262084961
Connection: close
Pragma: no-cache
X-TRK-PROC: 58179
Last-Modified: Thu, 11 Aug 2022 16:06:38 GMT
Server: nginx
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

GET
H2 200 B5B65C8C03868495DBBF1337067E36410385FF90153C13461BF1D7286EE23F5930BBE0A3A05B64399ADB667C1ADC60F119D63DC9F512EAE713950C75CDED6FD2
assets.ad4m.at/logo/ Frame 1264 8 KB
8 KB 77ms
70ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B5B65C8C03868495DBBF1337067E36410385FF90153C13461BF1D7286EE23F5930BBE0A3A05B64399ADB667C1ADC60F119D63DC9F512EAE713950C75CDED6FD2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f6f1f62ae41727cc9ae9edcbda8d5e4a50c3e56f5756d7f9a5f65b7d13cd2fb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=PVoJDg==, md5=MQ+8aRHHvAfOU5GwCBNyLQ==
date: Thu, 11 Aug 2022 16:06:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84140
cf-polished: origFmt=png, origSize=16800
x-guploader-uploadid: ADPycdvzv30HiDvpph7WQmN8u_wBUlLZauaAKKTgt5dK7eOlslNIwjC664LEcIJPTsP4pSU846iag2Hhl7lmxlXEcQ6HkQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7938
last-modified: Tue, 13 Apr 2021 08:38:59 GMT
server: cloudflare
etag: "310fbc6911c7bc07ce5391b00813722d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6xdGqjq4gmluPs49d%2B8WB%2BDY8y95YTo1yS8e8lzRjqTUUuZUI97zBgd5EkAGt7aho5zhtE%2FrWnCzJUONi4DPKHyp7VK3mhxaMAjc%2BY10eifdEfUbc9frn54Tj9a7ETpbxClgJhVd9WWsV1P"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618303139285718
content-type: image/webp
expires: Fri, 12 Aug 2022 16:06:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16800
accept-ranges: bytes
cf-ray: 739238376cc9cda7-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 DF59EAB49C0E7E7C09A5825E02BC5B00ED8EF9C6D2A50CD55E2CBBC5855DACC3E32F97AF7AE0686D105646FF8C90D1772799C890FC673AFB800D7638FF273815
assets.ad4m.at/product_image/ Frame 1264 44 KB
45 KB 95ms
88ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/DF59EAB49C0E7E7C09A5825E02BC5B00ED8EF9C6D2A50CD55E2CBBC5855DACC3E32F97AF7AE0686D105646FF8C90D1772799C890FC673AFB800D7638FF273815
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8599c8cf5a1f540937c7223094c06e446c797de66981599f5295df3984270dec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash: crc32c=uyWUQw==, md5=2uIRBJSvk8ZCFDGPLUWhBQ==
date: Thu, 11 Aug 2022 16:06:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85141
cf-polished: qual=85, origFmt=jpeg, origSize=80080
x-guploader-uploadid: ADPycdvcZSY62lp8-ViHqtp9s6qbfU1xIaoSQrtLCydMAUdUmqI4UrUiUrjpjXaYCYiTTW8VrOoTRDjN1wQUOSpdyrUDvnY90NBd
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45336
last-modified: Mon, 01 Aug 2022 09:47:37 GMT
server: cloudflare
etag: "dae2110494af93c64214318f2d45a105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4A9jOj1a%2BocjsDRECpigiOQQ0VY%2F%2FLyUDawTPEwH4fUDroBFizACnqZLZo8FXamACnvSG5ChGb3mIyzuXa5UmjrT%2FtlujKN0dLDfnxvNMOPBq5%2FaLnUvqMFkj3GiNRy%2B7h7f70vgmZGacZrS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1659347257081129
content-type: image/webp
expires: Fri, 12 Aug 2022 16:06:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 80080
accept-ranges: bytes
cf-ray: 739238376ccbcda7-CDG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

14464252-1655283571115
www.yceml.net/0252/ Frame 1264
Redirect Chain

https://www.ftjcfx.com/8o121iw-ousDLNHGIFJDFIIKIGJG&pv=1&pref3=oneidR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=%7B%7BIAB_CONSENT_PD%7D
https://cj.dotomi.com/b8103ltx-D/nuz/txr/CFFHFDGD/IKEDFCG/B/B/B/B/B?h=r%3c%3c6IIEH%3A%2F%2FLLL.4I814M.1DB%3AXP%2F7Bz53-WYSRTQU-QTTVTRUR%2606%3DD%2602pqF%3DzyptocGherqDiqRAr2svS7SF4b4mbus7eAex11SJzy...
https://www.emjcd.com/a073m-36M/u05/-3y/JMMOMKNK/PRLKMJN/I/MIIRIMPRKLILKLNNRI:vfBgi0_6VKlM/I/I/I?k=s%3c%3cmyyux%3A%2F%2F111.kyohk2.htr%3AD5%2Fnrflj-CE8796A-699B97A7%26gm%3Dt%26giVWv%3DfeVZUIwNKXWtO...
https://www.yceml.net/0252/14464252-1655283571115

15 KB
15 KB

197ms
37ms

Image
image/gif

104.103.91.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yceml.net/0252/14464252-1655283571115
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C199318&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CR4WTgf1XfGzgrhkHwH3tQtbQjhwTzTmqqH7&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CQPwc4fb6CP6DBcxH5HYt9C49wHDT4T5qqaV&c=300&d=250&e=&g=bce35085082ab13a4c12dd05c5399584%2F14079356340203251399&i=30425%2C2951%2C29941&j=15%2C15%2C28&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1660233997882&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kknyms17w4bgdcr6pwjzzs5mh1z15mr1ae4mph9zan4bc30f0cxsnbc2ht9d55ksjmks0zsb1ck3d6az5w34pz9k47d65xzq55h2tq5pvq8m9kx0ejh8t5bbrqrp3mcv25vfdbxqa4388g3bmsjnw3m40e4wqr200rae6qy2nq9219bnxrmh0kvf4y7ewq44481e5rmm40wggj025tcaecbkf316np06zvgf1z1jmc795e9whx8nmr6zdfbmhcjft20y5jf2srcj4jj3c70%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdeLcDCn1YpXOEYjKnwSwt6noB-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAlyXatx4V7E-qAMBqgTjAU_Qcyvc_gLWGSOlSkwvDQDF6dTY3BOn91gPTF5--6K5Xu9OlzntCcrY72nsLUAXu1bmlR_RrhPg9Oeud2-OVniKHNl8P__WW8Ap01crnou8vEAnJOy1pKpWpAYtdxqKXsWUl3N2rG1T56bETrZFZVTuRsBzvorSvcCcZZvL5BmfMSpyiEPaBoM_rnbkTx8kSo9y2eTYwRHn8JAxX_weN5m6c97afDanEKU8mNZ_8vsIWPUYmZmeWXgDPkrS8G6WBKg5YSbt_y5revl0UuL0JNfkbyIqoBexJucV6dK42SVf2q-PgAaMrMzR5_TFjvABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3iII5WMyqeg6Nbhtv06biyB68J0g%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 104.103.91.125 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-91-125.deploy.static.akamaitechnologies.com
Software: Server /
Resource Hash: 365735bd943ad56a8250e3c04b3e5307afbbb58cf526f8b04d8532003435ed30

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 16:06:38 GMT
Cache-Control: max-age=289360
Server: Server
X-VC-HTTPS: On
Content-Length: 15373
Connection: keep-alive
Expires: Mon, 15 Aug 2022 00:29:18 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 16:06:38 GMT
Server: Server
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Location: https://www.yceml.net/0252/14464252-1655283571115
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87
X-VC-HTTPS: On
Expires: Thu, 11 Aug 2022 16:06:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 012F 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 7319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 14:04:39 GMT
expires: Fri, 11 Aug 2023 14:04:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3ED1 783 B
536 B 35ms
35ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5147254a2e7184c4909b64f3f37fbe30d361a9b7ebdec875c0cbd3cfe27595a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZCSh0S1lb3Zycs606FV_RQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ZCSh0S1lb3Zycs606FV_RQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 16:06:38 GMT
expires: Thu, 11 Aug 2022 16:06:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js Show response
pagead2.googlesyndication.com/bg/ Frame 012F 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KwAXiUICCFvapwcrMozVyugq_Wx4YR6m3c26cyMGyPI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0017894202085bdaa7072b328cd5cae82afd6c78611ea6ddcdba732306c8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14174
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 08:28:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3ED1 0
0 59ms
58ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=1780266012465879&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 012F 0
12 B 25ms
24ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ufuh7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/ Frame 5BC9 277 KB
36 KB 28ms
27ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1291961522&adf=278409778&pi=t.ma~as.9785579158&w=300&lmt=1660233997&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233997691&bpp=2&bdt=2885&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250%2C696x545%2C1600x1200%2C1005x124&nras=8&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&psts=AEC3cPLxCJJ1QaGOk3SaMicJmWUjm0bEFMh7iLYFN3NANOXwNaJrKaz25E2Hz4YMUMPOboTpSc1fPulmU8l7zA%2CAEC3cPJWj2IGbg25dM-jmi1Hnu5ep3PINBNbZYhRf0dQ09zH1KRq1olK1WkCTHnAB3qSuqxBhEqVfzi1jGOad2LRo4_rjGTe8obZ68djPbMwS74%2CAEC3cPLddDbp3_eLId_CsRHAY_zABLpx-CmyBc2l4RMv73LSenQXgygdcRZR_BSHuLKpZFSU8OOQ0kxRSE3Os7ZdgQ%2CAEC3cPLEDXYGTDWsXzUe6Tqo5v0Bb2-VUzkIF0JbyNWfcLl_TNzk79HOg25rcDomzVqCrz-Blz-ezSSjatBGHjH4ug%2CAEC3cPIhjnHNlFiIXOX5-E1ptaUXjYBGFVZ53w_0wVAdl_IsxrfNb6NhJpjd7LlEOG_KaR9rGesSyP1mMl56-ux5iA%2CAEC3cPJoLxUHUqhJtrk2Li3Bg1oGIqlR7J5j1HwTJkbChJpX7LDvnGQgTBWFxo2MeWRMhklyYv-yzvGgWowYtYKBxQ&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=t1PWqTpn0W&p=https%3A//all-news.co&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f970eacd8293bfdc8e94c3ecb4d03b58dfb946ce25e776be88011984f9ebea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 233118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 36746
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Aug 2022 23:21:20 GMT
expires: Tue, 08 Aug 2023 23:21:20 GMT
last-modified: Thu, 26 Aug 2021 12:44:04 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7DE2 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAA0YDSn1Yrz-MOKPjvQPoYCbuAeIzLLfaPe4hMLADuSCu_uaAhABIMzT7IIBYPsBoAGduPvYA8gBCakCDHjAS2dFkj6oAwHIAwKqBPMBT9AC6NcSxF0eCXte33bftU07snr3Y16mVODf9is_6ZNMit0dP44CqodKp-Q7wRaJM4nFs0x1M8kLS67HUkvrpDFDwuHh35lCJvtcPoOuuMTa0fW241Pc5POc8zmbbEstZPqTIfgTn72dFWEf5WgtHMwxItszBP4W-3bnAl4QrAvsURhs7D5RdzJzo9_Iou_qgBR3-TXeB12mIO67Jb16HP2sa5GVnaDXCWO_hCYCprQX5iVkbmFaA9Ib1V2lbqfWFj4W4ox7uoQiRDd-iIUu6lcxjiU8_0_oDpCQvB26FfMdS1MrhDLBZmEzkddHygWwHY2YwATxz_aT5AOSBQQIBBgBkgUECAUYBKAGXYAHy8eEJ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL-LA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=4nitUIH6CSA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1291961522&adf=278409778&pi=t.ma~as.9785579158&w=300&lmt=1660233997&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233997691&bpp=2&bdt=2885&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250%2C696x545%2C1600x1200%2C1005x124&nras=8&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&psts=AEC3cPLxCJJ1QaGOk3SaMicJmWUjm0bEFMh7iLYFN3NANOXwNaJrKaz25E2Hz4YMUMPOboTpSc1fPulmU8l7zA%2CAEC3cPJWj2IGbg25dM-jmi1Hnu5ep3PINBNbZYhRf0dQ09zH1KRq1olK1WkCTHnAB3qSuqxBhEqVfzi1jGOad2LRo4_rjGTe8obZ68djPbMwS74%2CAEC3cPLddDbp3_eLId_CsRHAY_zABLpx-CmyBc2l4RMv73LSenQXgygdcRZR_BSHuLKpZFSU8OOQ0kxRSE3Os7ZdgQ%2CAEC3cPLEDXYGTDWsXzUe6Tqo5v0Bb2-VUzkIF0JbyNWfcLl_TNzk79HOg25rcDomzVqCrz-Blz-ezSSjatBGHjH4ug%2CAEC3cPIhjnHNlFiIXOX5-E1ptaUXjYBGFVZ53w_0wVAdl_IsxrfNb6NhJpjd7LlEOG_KaR9rGesSyP1mMl56-ux5iA%2CAEC3cPJoLxUHUqhJtrk2Li3Bg1oGIqlR7J5j1HwTJkbChJpX7LDvnGQgTBWFxo2MeWRMhklyYv-yzvGgWowYtYKBxQ&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=t1PWqTpn0W&p=https%3A//all-news.co&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 16:06:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 7DE2 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:07:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DE2 140 KB
43 KB 358ms
358ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 16:06:38 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 7DE2 0
20 B 62ms
62ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPy4u82Vv_kCFeKHgwgdIcAGdw&gqi=DSn1Yru4LZqytwfY7JzIDg&layout=/sadbundle/%24csp%253Der3%24/17064940463162654720/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 admin-ajax.php Show response
all-news.co/wp-admin/ 0
688 B 382ms
382ms XHR
text/html 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/wp-admin/admin-ajax.php

Requested by

Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.25

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://all-news.co/
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache: cache,platform=wordpress
date: Thu, 11 Aug 2022 16:06:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7JC3UDUvRK9zOsxmSeyFTdfYZZXzH5vB0C1JnM8Eu0u9qfAA30DCQrxVApAV4xZTGHiApLc3hI61TKHr3IkU8qSb0YS2mcTAybmRy3cEeYAuAcl2lJXwOWi8F3dRXXDLyvBwvhnwczSyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://all-news.co
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 739238394c26331c-CDG
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5BC9 1 KB
451 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4aa5573b2544e410fc3dc98d534b9fabcc655b8024d7f9bd5cbeac816587c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 15:09:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 16:06:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 16:06:38 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5BC9 16 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Aug 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5BC9 26 KB
10 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Aug 2022 05:09:09 GMT

GET
H3 200 Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_N_XbMZhLw.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame 5BC9 10 KB
10 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v25/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_N_XbMZhLw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

650483f49c94c6f05181c4008dde5c6cc0adf771629aca6cffb758e24327316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 06:46:29 GMT
x-content-type-options: nosniff
age: 33609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10488
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 06:46:29 GMT

GET
H3 200 image.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/ Frame 5BC9 79 KB
79 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/image.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf455efa736232e0481e7c44b04290f0dfed4982d7babe4b3cadc99501e31f43

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 244690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80545
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 12:44:04 GMT
server: sffe
date: Mon, 08 Aug 2022 20:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 20:08:28 GMT

GET
H3 200 Jetex.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/ Frame 5BC9 5 KB
5 KB 26ms
25ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17064940463162654720/Jetex.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5259
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 12:44:04 GMT
server: sffe
date: Mon, 08 Aug 2022 20:20:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 20:20:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 7DE2 18 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 15:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7DE2 0
0 35ms
34ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnOvQjRhpM7dz5_DwCddKBD1_0iIqRWb-_0cSG0uM8FAo_phG-u_iaAOr6K3WUGFHUjIfmtXAqSBpGdAfMAiL1mEgqYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1291961522&adf=278409778&pi=t.ma~as.9785579158&w=300&lmt=1660233997&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233997691&bpp=2&bdt=2885&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250%2C696x545%2C1600x1200%2C1005x124&nras=8&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&psts=AEC3cPLxCJJ1QaGOk3SaMicJmWUjm0bEFMh7iLYFN3NANOXwNaJrKaz25E2Hz4YMUMPOboTpSc1fPulmU8l7zA%2CAEC3cPJWj2IGbg25dM-jmi1Hnu5ep3PINBNbZYhRf0dQ09zH1KRq1olK1WkCTHnAB3qSuqxBhEqVfzi1jGOad2LRo4_rjGTe8obZ68djPbMwS74%2CAEC3cPLddDbp3_eLId_CsRHAY_zABLpx-CmyBc2l4RMv73LSenQXgygdcRZR_BSHuLKpZFSU8OOQ0kxRSE3Os7ZdgQ%2CAEC3cPLEDXYGTDWsXzUe6Tqo5v0Bb2-VUzkIF0JbyNWfcLl_TNzk79HOg25rcDomzVqCrz-Blz-ezSSjatBGHjH4ug%2CAEC3cPIhjnHNlFiIXOX5-E1ptaUXjYBGFVZ53w_0wVAdl_IsxrfNb6NhJpjd7LlEOG_KaR9rGesSyP1mMl56-ux5iA%2CAEC3cPJoLxUHUqhJtrk2Li3Bg1oGIqlR7J5j1HwTJkbChJpX7LDvnGQgTBWFxo2MeWRMhklyYv-yzvGgWowYtYKBxQ&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=t1PWqTpn0W&p=https%3A//all-news.co&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7DE2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f12772d1d6ffd5cba12028df20be676baaf84de0f7ca95a152df2926f3bb320

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=1780266012465879&bg=!t7SltPDNAAa4hXTbmIU7ACkAdvg8Wqi5ML4kpPJt-ecldz1v-gibmEkrn3B9rciOndERbO5BY78SsAIAAABPUgAAAAJoAQcKABGZeOlNd3UnTw9tgBLdeWprbJkCzdUROCxl41RHBnJOPyBGvJ13xVrH6uSD1oIOfjncCwCESJs6ncwAUbexX99D3EA2DRcQ71niwu78ipFO18F7SFlB4FBrPKNa2pQMDKQTfDJEEzdWgRun7ku_Vd3x2YE4ND8-jXJ9x3AaIy9Rc3-uCc4TFxdN6hQcI1VEBaiWRVj8XR6tWpT3PC7nAqzxXFFggQmnzKT6JW9oZfM-eUD3C56f1noCEZ_XnQcITU5_6wjPW_F_iaZ9aZoBNBokGQ_4MeVuMuJiWvsf1GvHMrb_hqSKIAbSpI6EStxe-HrRejhU0-AgFB7d6E-pmVHD8YvlQMlN7UQbmRKXuJuPh573N5xEoF8OggvVLwptxNHNVgMzsX4SxCYtgZ9OVTO8I1GV8gLIgXd8M7GAm1A_qAPiXtJnMz5dZ7oQvqfjfjgQgnqHcf2NCOcmAFqxfySnDF3MxuNbPAc3-bI6LtSxQ74NMYTbrUmjkJ7hasug_WZCozrm9c47-N875YRg228ZUyxkqVliHAgqWQUgeqfAQ_kZGlqwFBj7dLN9cI1DYtV2oZ5oXjLMc9hcCF5V8dwUMN-Qr033NGuOm0993v1p-YhAg1SKA5C9dabhe-vWIyIeHg8rFuhqnm5x2qDXwhxWRPSBLtnAAmZCGAEKWYNjWTINF2QoTTfiBAZzNZNKF0moD5OFyrdNHWsJIsH4JSSQtpZTfQAWjpuNBA1nGqqUGI1VEVaWPRVXAPlXQzvsxPNUXJD7OMaPu2Mveb14kqpCAfn0zZ_COtq4k99XQM5KZ0N9zUXTRIL2eWpRKfvqjNUXy_Qskp6ZQak0XYwssxds6shPGOhqx48wlU59kgr5QbOxEPyqVomTkpf8tg2gbidO2h61wnAYVl3x4VKaqYrz-J2wMuaODG_TBrlbaE7R-92UNH8jBkbUQcncXmyH8xwRc906wYJjRLAo2onhQdeGdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DE2 42 B
64 B 67ms
66ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumYqcGGyL-XxI6RNbFuBUFIaHA2eOtN56YwyY7DGg76cKsJjERU-PzbJkGRfs2AaJn7mQBUKxVHKySO6j4AXfM-tHd3W2SmxfbAKXxdo_sDOf1s5Aid6EYjRlJSd8OqvBTwm4DZcJUk5f-&sai=AMfl-YSXddi6mWhwbiaU_XRzlgVAXPc3hSnBIYcITdYhFluLnZaaMm52-4M436ptP9G_P80ONSTwVux4JsTZZ52xfqhw_v12GGtS7CPk_sZ343kNEC1E6c2hzLO2I89X&sig=Cg0ArKJSzAkCLxpMSaxaEAE&cid=CAASF-RolhH86mAfzsYXzhU4UGR3weAxC_Ga&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1291961522&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660233997718&rpt=916&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 16:06:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1400286/log/3/ 0
243 B 20ms
19ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1400286/log/3/unip?en=pre_d_eng_tb&tos=4670&scd=36&ssd=1&est=1660233995278&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1660233999949&vi=1660233995275&ri=ea1e7041f9ea3f15ee36eeca850fa9b4&ref=null&cv=20220807-3-RELEASE&item-url=https%3A%2F%2Fall-news.co%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1400286/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://all-news.co
pragma: no-cache
date: Thu, 11 Aug 2022 16:06:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENWjPzZJFpPOEczx1bTqSjI&google_cver=1&google_push=AehlK4Cbp6r-05bFI_4S5oZj34UKNWMOwB9Q8vrZeiNobPmh_RfLmd1KYWuyhSsSqJ_-Wqjd1s4NGC2PMRr52tjNqcwznAJJyYcVNA

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEADzT_hJhUNZKUij1-RHrNY&google_cver=1&google_push=AehlK4BjV2MV1wwqgdQTv5PFLKFTgWLq9sQNFFJtXJ-vh_c0olsSMICTzpeI1hr9yzVSewVc4utJqsmzKqS5JXgn9NkN5SvcVVjh

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPIYUgcVoWwj-TOeEYW_E3g&google_cver=1&google_push=AehlK4DIrg1Kv-cT2pV8v9tV3T19ta3EzXcw30AlZUtw000EiRo-8MMYRPyxTIGm-i2a22hte5pfUQSwx6FM4dGHyin-sbr-1yQbJA

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.all-news.co/	1970-01-20 14:46:33	Name: _ga Value: GA1.2.1251073223.1660233995
.all-news.co/	1970-01-20 05:12:00	Name: _gid Value: GA1.2.1935478291.1660233995
.all-news.co/	1970-01-20 05:10:34	Name: _gat Value: 1
all-news.co/	1970-01-20 13:56:09	Name: cookielawinfo-checkbox-necessary Value: yes
all-news.co/	1970-01-20 13:56:09	Name: cookielawinfo-checkbox-non-necessary Value: yes
.all-news.co/	1970-01-20 14:32:09	Name: __gads Value: ID=9cd135c7dc526cce-2266f4aef9d400b0:T=1660233995:RT=1660233995:S=ALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ
.all-news.co/	1970-01-20 14:46:33	Name: _awl Value: 2.1660233995.0.5-a0682ba5934eecb4a5306691aef1364c-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-20 05:10:37	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 14:32:09	Name: IDE Value: AHWqTUl6Rdadpuy6Gi6HvudRyObUx9FJtKIB3JUcVXIRgZwW2_V4OBp6MXMSSLdcF0I
.quantserve.com/	1970-01-20 07:20:09	Name: d Value: EFQBCQHqJoEA
.quantserve.com/	1970-01-20 14:40:48	Name: mc Value: 62f5290d-3b002-e9350-a023a
.rlcdn.com/	1970-01-20 13:56:09	Name: rlas3 Value: 6VOIdbgplFKvwsHzN8UHuM+kYXU7LmWJTTY9YTPFHpQ=
.rlcdn.com/	1970-01-20 06:36:57	Name: pxrc Value: CI3S1JcGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 13:56:09	Name: CMID Value: YvUpDQ-Diiy6Dgi4k50OFQAA
.casalemedia.com/	1970-01-20 07:20:09	Name: CMPS Value: 1198
.casalemedia.com/	1970-01-20 07:20:09	Name: CMPRO Value: 1198
.agkn.com/	1970-01-20 13:56:09	Name: ab Value: 0001%3AjIz5emszi5TEr1GsVGnuWU8rJnNzAB8X
.agkn.com/	1970-01-20 13:56:09	Name: u Value: C\|0CEAqh-WNKofljQAAAAABAQ13AQEAAQpAAAAAAA
.casalemedia.com/	1970-01-20 07:20:09	Name: CMTS Value: 1106
.innovid.com/	1970-01-20 07:20:09	Name: uuid Value: c7e725b2-d1bd-4eed-9d6b-152faa66c065-20220811 12:06:37
.metaffiliation.com/	1970-01-20 06:36:57	Name: neta_ssc Value: dce7f3vb0sepbhkcj8t1n8honnyf
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: dce7f3vb0sepbhkcj8t1n8honnyf
.metaffiliation.com/	1970-01-20 06:36:57	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.aircaraibes.com/	1970-01-20 06:36:57	Name: neta_ssc Value: 9fc2f3vb0seqazghlytfs5vfvzh9
.aircaraibes.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 9fc2f3vb0seqazghlytfs5vfvzh9
.aircaraibes.com/	1970-01-20 06:36:57	Name: kwknc_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.e.dlx.addthis.com/	1970-01-20 14:40:48	Name: na_tc Value: Y
.dotomi.com/	1970-01-20 14:37:55	Name: cjae Value: dNuOQj_pD2T4
.dotomi.com/	1970-01-20 14:37:55	Name: DotomiUser Value: 400904792303235590$0$1
.emjcd.com/	1970-01-20 14:37:55	Name: S Value: 400904792303235590:dNuOQj_pD2T4
.addthis.com/	1970-01-20 14:40:48	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 05:53:45	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 05:53:45	Name: na_sr Value: 20220811
.dlx.addthis.com/	1970-01-20 05:10:34	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 05:53:45	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 14:40:48	Name: na_id Value: 2022081116063800012296414941
.addthis.com/	1970-01-20 14:40:48	Name: uid Value: 62f5290ec6aab429
.addthis.com/	1970-01-20 14:40:48	Name: ouid Value: 62f5290e0001d8e703049bd43d8bd4b7e3334eec5251e0252c91

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENWjPzZJFpPOEczx1bTqSjI&google_cver=1&google_push=AehlK4Cbp6r-05bFI_4S5oZj34UKNWMOwB9Q8vrZeiNobPmh_RfLmd1KYWuyhSsSqJ_-Wqjd1s4NGC2PMRr52tjNqcwznAJJyYcVNA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEADzT_hJhUNZKUij1-RHrNY&google_cver=1&google_push=AehlK4BjV2MV1wwqgdQTv5PFLKFTgWLq9sQNFFJtXJ-vh_c0olsSMICTzpeI1hr9yzVSewVc4utJqsmzKqS5JXgn9NkN5SvcVVjh Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPIYUgcVoWwj-TOeEYW_E3g&google_cver=1&google_push=AehlK4DIrg1Kv-cT2pV8v9tV3T19ta3EzXcw30AlZUtw000EiRo-8MMYRPyxTIGm-i2a22hte5pfUQSwx6FM4dGHyin-sbr-1yQbJA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1291961522&adf=278409778&pi=t.ma~as.9785579158&w=300&lmt=1660233997&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233997691&bpp=2&bdt=2885&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250%2C696x545%2C1600x1200%2C1005x124&nras=8&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&psts=AEC3cPLxCJJ1QaGOk3SaMicJmWUjm0bEFMh7iLYFN3NANOXwNaJrKaz25E2Hz4YMUMPOboTpSc1fPulmU8l7zA%2CAEC3cPJWj2IGbg25dM-jmi1Hnu5ep3PINBNbZYhRf0dQ09zH1KRq1olK1WkCTHnAB3qSuqxBhEqVfzi1jGOad2LRo4_rjGTe8obZ68djPbMwS74%2CAEC3cPLddDbp3_eLId_CsRHAY_zABLpx-CmyBc2l4RMv73LSenQXgygdcRZR_BSHuLKpZFSU8OOQ0kxRSE3Os7ZdgQ%2CAEC3cPLEDXYGTDWsXzUe6Tqo5v0Bb2-VUzkIF0JbyNWfcLl_TNzk79HOg25rcDomzVqCrz-Blz-ezSSjatBGHjH4ug%2CAEC3cPIhjnHNlFiIXOX5-E1ptaUXjYBGFVZ53w_0wVAdl_IsxrfNb6NhJpjd7LlEOG_KaR9rGesSyP1mMl56-ux5iA%2CAEC3cPJoLxUHUqhJtrk2Li3Bg1oGIqlR7J5j1HwTJkbChJpX7LDvnGQgTBWFxo2MeWRMhklyYv-yzvGgWowYtYKBxQ&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=t1PWqTpn0W&p=https%3A//all-news.co&dtd=26 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/17064940463162654720/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1291961522&adf=278409778&pi=t.ma~as.9785579158&w=300&lmt=1660233997&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660233997691&bpp=2&bdt=2885&idt=2&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cd135c7dc526cce-2266f4aef9d400b0%3AT%3D1660233995%3ART%3D1660233995%3AS%3DALNI_Mb5wHgf5d3mq0iQAAkrFCNgL7eOoQ&prev_fmts=0x0%2C728x90%2C324x250%2C1068x280%2C1068x280%2C324x250%2C696x545%2C1600x1200%2C1005x124&nras=8&correlator=751529153382&frm=20&pv=1&ga_vid=1251073223.1660233995&ga_sid=1660233996&ga_hid=1249665255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44761793%2C31068487%2C31068874%2C31067825&oid=2&psts=AEC3cPLxCJJ1QaGOk3SaMicJmWUjm0bEFMh7iLYFN3NANOXwNaJrKaz25E2Hz4YMUMPOboTpSc1fPulmU8l7zA%2CAEC3cPJWj2IGbg25dM-jmi1Hnu5ep3PINBNbZYhRf0dQ09zH1KRq1olK1WkCTHnAB3qSuqxBhEqVfzi1jGOad2LRo4_rjGTe8obZ68djPbMwS74%2CAEC3cPLddDbp3_eLId_CsRHAY_zABLpx-CmyBc2l4RMv73LSenQXgygdcRZR_BSHuLKpZFSU8OOQ0kxRSE3Os7ZdgQ%2CAEC3cPLEDXYGTDWsXzUe6Tqo5v0Bb2-VUzkIF0JbyNWfcLl_TNzk79HOg25rcDomzVqCrz-Blz-ezSSjatBGHjH4ug%2CAEC3cPIhjnHNlFiIXOX5-E1ptaUXjYBGFVZ53w_0wVAdl_IsxrfNb6NhJpjd7LlEOG_KaR9rGesSyP1mMl56-ux5iA%2CAEC3cPJoLxUHUqhJtrk2Li3Bg1oGIqlR7J5j1HwTJkbChJpX7LDvnGQgTBWFxo2MeWRMhklyYv-yzvGgWowYtYKBxQ&pvsid=1780266012465879&tmod=1386390794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=t1PWqTpn0W&p=https%3A//all-news.co&dtd=26 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/17064940463162654720/index.html".
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271802&client=ca-pub-8439024877331049&fa=2&ifi=10&uci=a!a&btvi=6&xpc=I6UBtl1pk6&p=https%3A//all-news.co Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.metaffiliation.com
ad4m.at
adservice.google.com
adservice.google.fr
ag.innovid.com
all-news.co
as.ad4m.at
assets.ad4m.at
cdn.onesignal.com
cdn.taboola.com
cj.dotomi.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gucluinsaat.net
id.rlcdn.com
image6.pubmatic.com
img.metaffiliation.com
jpp.aircaraibes.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
stats.g.doubleclick.net
steadfastsystem.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
www.emjcd.com
www.ftjcfx.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.yceml.net
googlecm.hit.gemius.pl
104.103.91.125
104.18.18.126
141.226.228.48
142.250.185.226
151.101.129.44
172.217.18.2
18.195.201.66
185.64.190.78
192.229.220.129
195.154.104.74
23.7.201.234
2600:1901:0:6665::1
2600:1901:0:76b9::
2600:9000:223f:3600:8:48e:53c0:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:3030::6815:36b
2606:4700::6812:e134
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c0b::9b
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21
35.186.253.211
35.244.174.68
52.211.246.129
69.173.144.138
89.207.16.75
95.131.136.1
014275f008a11c03b449443dc6089d26f57cfaccc9f03bc774fb7c70c7ea56c0
026e6849661295c6fd4047a30eeb8021fb094dfa93cd57b5e9c8827f99f90c15
058d3b35b4292343c16a80a41294d2a485cd51fe9efd76505106be8c749e40c0
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11520a721aba930be241eee327d6bcab8709aef7d42439e3d2ceba7edf4c543e
14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2234cc7fe6eff36c16781a4fd65fb50de8e1ec09af0dd11cf925af7c8d3c0194
231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a
25127443e590da6d2966c9962fd06795c091a52b79f51f79cc4031b10c8cdfeb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28e90162c2ee0c01f7237e58072a0f98179535308493bee0ffa510c3f3ba3262
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2b0017894202085bdaa7072b328cd5cae82afd6c78611ea6ddcdba732306c8f2
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
31f970eacd8293bfdc8e94c3ecb4d03b58dfb946ce25e776be88011984f9ebea
34900ef5823ce7380ed18b7cabea4f295587bb779ed6118fbb35418c1b655970
3653ad0a556bcc44098254e8c670b00f74c535ae3ca8ad8d14a0a8ea7370d7c9
365735bd943ad56a8250e3c04b3e5307afbbb58cf526f8b04d8532003435ed30
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
3a2550911a81c4dc34ecbf4464b91cf885d73fce88a927e31b8c6c59bc5e7bba
3f12772d1d6ffd5cba12028df20be676baaf84de0f7ca95a152df2926f3bb320
42f5ec07520712ae6044d3d12eaac4fcdf6d6c5fd38e14f845396e97e57a458b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
509d11755767eb8abe14ce10d3d5a831aaa9f4992dcc74e88fcc05b6b4a69d8d
50e3444c9fec33f6c5a69598d306a01245f134f0eb48be464f1305a6d78413a0
5147254a2e7184c4909b64f3f37fbe30d361a9b7ebdec875c0cbd3cfe27595a3
53f0b3f1910bfe630acf831d9af5e2d3074ef66bb80a3e4271ef88c3016eb772
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f7ab3695b9693af03b131c382ca6f9314a85ed17826623718f5fbca42891e4f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
650483f49c94c6f05181c4008dde5c6cc0adf771629aca6cffb758e24327316c
6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
686c16a5fb357eef15ec1986e86482b440237b8fd23a6335888c787a60ada9a6
6b16df7e728c16f5f255396fc4b95358241bb90ef7e25717c920f201e9e8d7d6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74d47fba2c0983dadcb191c9e54d2cf825c2ace22275c8f520b843ddb86cb8f2
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
784befbb2dad2ce737feba7c425d4a8ace17d6de93953350715acafdd8847e82
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7d64fce2b1565ec6607861ed739a0becf4e6a25d35c16ac03150a4600f089a8b
7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448
7f50c79d15068f6c5ab2c6051e1f54db433cc72c6f3d62af1fe994cfff40549c
8599c8cf5a1f540937c7223094c06e446c797de66981599f5295df3984270dec
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f6f1f62ae41727cc9ae9edcbda8d5e4a50c3e56f5756d7f9a5f65b7d13cd2fb
95efed1b8e98e2895069e7ff0ceb0a5173e0f6021644c5c85aae20baba68db81
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b2da2c7c59b8269a2f61513a58107c6e6a6743a4b8be0a7a665c62771d539f
a49ff99d157b6fbbfb8f5c8eccc60cc6aa4bc5b744483a633a7ce2fbfdab682e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
ab31438e1c20f2c8325a8b2475e1a345e67529ee311b332ffe50a4264b062333
ad4ee67a5fb59344e9bb3b11f94b003bd98a82ff3a0d48ae84b763440bbfa4c5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed0221fdf57f8ebfc72bbcf251a01c4eca732d1163931c2e1899c469df973f2
afa3239a04ca689d77b62d45f3bfcf66e8653a6847a5877a00a553257f38cebb
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0b8d68ee522eab5df453cc36e65c38b1401a9c685a66d65226d8cf914e8c60a
b4aa5573b2544e410fc3dc98d534b9fabcc655b8024d7f9bd5cbeac816587c15
b50c8b215ca11ee0372e0a9777be86faf6f8284e62696f1b48fdebc7362a2c3b
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
b9e650126217e279dd44e26f4284cba45b732fe7b4f4bb594b310abea0a34798
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf455efa736232e0481e7c44b04290f0dfed4982d7babe4b3cadc99501e31f43
bf73d3e7f3d6622a708753711629c96ae742c5984b6a23417e3aee4f4055b14c
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4c1def904b2b68d86e814646a40afe3c977ea37682982b539e99539202af8fc
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a
c573802dda237830f2f3baf927b9409aff9a0bbccf99d3dc1114475b9f740986
c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
c8e3d4a2cc549ba5e51867d426f3e98a0112231497f355dd1ec6815ba67f14dd
cae747a1fe244726a729c8a81f90c8a1129afae499e9d6b3337e8503cef5310c
cb5ec5a7a298268b9656a461fa003aa1140dcc0165bc4bcd1fef3493eaa322f8
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d1d8c70039b85bb6d753a49d642e0a404da528e9a8009c7febe47da70303464d
d2a90e4b2c90773869de219dfbcccb4ce1ec02571830e60bf07ec647aea17c16
d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
db91b786f6471090bf74e02f624d64cef9abf8e197d16ac84f339ebe4f12fcda
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dec5a058907d4794714bc46cadfe5cfd70eaa4678780de41d326ff8f3f74ba82
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f5b89968ae14f5b7dac04533bc881bf477f0ae92c7fa4fac73a172a5bae01e
e5097b0534fd91802e31e67c33b67abf76a5345cff9f586c828859357fed1124
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e57c7c9ee4e3b113fd51945d13d743f5a6b2f2e9f2e98d178b13347a4bd6ea93
e5ba8c722d5a1059950f09a12c68ec21022629d63bed45258a119f738785fc63
e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
e8fc6e2de45f47413a45c246e23286e1a588d4321ab5025203a8cc1e42b06f09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f03f0e7d2bd999c152c1edfcb92a553f308819e61603b5ad1cb8a2470d8d5f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5d79e3c7c7f87c66bcf8c92aa154e81f76f2af09f4b2ecdd8efd95b801c7198
f637d653071a3a5bb0ecee05d5361be344e21c91bc48c060aaad04b00dd909a7
f64bb70b97dd6139b3567ecd0ce1ee23e8f04a8e4c3c82140262d1d365af90a0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fdcb8a465eeecdf05396afea1ee8064569359f80ff8560ec74016597792efa94

all-news.co Open in urlscan Pro 2606:4700:3030::6815:36b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

253 Requests

91 %HTTPS

54 %IPv6

34 Domains

46 Subdomains

31 IPs

9 Countries

3734 kBTransfer

8787 kBSize

40 Cookies

1 Outgoing links

Page URL History

Redirected requests

253 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

all-news.co Open in urlscan Pro
2606:4700:3030::6815:36b Public Scan

Screenshot
Live screenshot

Full Image

253
Requests

91 %
HTTPS

54 %
IPv6

34
Domains

46
Subdomains

31
IPs

9
Countries

3734 kB
Transfer

8787 kB
Size

40
Cookies

253 HTTP transactions
15 data transactions