urlscan.io logo urlscan.io
SecurityTrails logo

all-news.co Open in urlscan Pro
5.189.131.58  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html#?Z289MSZzMT0xNjg4MjMwJnMyPTE4NDc3ODE3NyZzMz1CRQ==
Effective URL: https://all-news.co/
Submission: On August 13 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 21 domains to perform 179 HTTP transactions. The main IP is 5.189.131.58, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is all-news.co.
TLS certificate: Issued by R3 on June 27th 2023. Valid for: 3 months.
This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.219.178.105 16509 (AMAZON-02)
1 1 162.55.49.247 24940 (HETZNER-AS)
1 32 5.189.131.58 51167 (CONTABO)
5 2607:f8b0:402... 15169 (GOOGLE)
17 2607:f8b0:402... 15169 (GOOGLE)
1 18.238.32.125 16509 (AMAZON-02)
6 2607:f8b0:402... 15169 (GOOGLE)
4 52.46.154.240 16509 (AMAZON-02)
1 52.46.135.132 16509 (AMAZON-02)
3 20 2607:f8b0:402... 15169 (GOOGLE)
4 3.160.20.174 16509 (AMAZON-02)
1 2a04:4e42::272 54113 (FASTLY)
2 52.94.233.131 16509 (AMAZON-02)
11 2607:f8b0:402... 15169 (GOOGLE)
1 29 2607:f8b0:402... 15169 (GOOGLE)
6 2607:f8b0:402... 15169 (GOOGLE)
3 5 2607:f8b0:402... 15169 (GOOGLE)
2 172.217.13.99 15169 (GOOGLE)
2 2620:100:a001... 19750 (AS-CRITEO)
14 2620:100:a001::4 19750 (AS-CRITEO)
2 74.119.119.147 19750 (AS-CRITEO)
2 2a00:1450:400... 15169 (GOOGLE)
6 172.217.13.98 15169 (GOOGLE)
1 1 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2620:100:a001... 19750 (AS-CRITEO)
2 2620:100:a001::3 19750 (AS-CRITEO)
1 1 38.98.69.175 174 (COGENT-174)
1 6 172.217.13.162 15169 (GOOGLE)
2 2 35.71.131.137 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 202.233.84.1 131957 (MICROAD M...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 35.186.193.173 15169 (GOOGLE)
1 2 72.247.69.164 16625 (AKAMAI-AS)
179 30
1    52.219.178.105 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com
s3.us-east-2.amazonaws.com
1    162.55.49.247 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.247.49.55.162.clients.your-server.de
162.55.49.247
32    5.189.131.58 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi481268.contaboserver.net
all-news.co
5    2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    18.238.32.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-32-125.cmh68.r.cloudfront.net
z-na.amazon-adsystem.com
6    2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    52.46.154.240 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
1    52.46.135.132 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
ws-na.amazon-adsystem.com
20    2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
partner.googleadservices.com
4    3.160.20.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-20-174.cmh68.r.cloudfront.net
wms-na.amazon-adsystem.com
1    2a04:4e42::272 (United States)

ASN54113 (FASTLY, US)
m.media-amazon.com
2    52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
11    2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.gstatic.com
29    2607:f8b0:4020:805::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2607:f8b0:4020:805::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
2    172.217.13.99 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f3.1e100.net
p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com
2    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
14    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
2    2a00:1450:4009:823::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
www.googleadservices.com
1    2607:f8b0:4020:806::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2607:f8b0:4006:15::8 (Stony Point, United States)

ASN15169 (GOOGLE, US)
r3---sn-ab5sznzy.gvt1.com
3    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
2    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
6    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
cm.g.doubleclick.net
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
2    72.247.69.164 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-69-164.deploy.static.akamaitechnologies.com
sync.teads.tv
Apex Domain
Subdomains		 Transfer
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
616 KB
32 all-news.co
all-news.co
3 MB
25 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
181 KB
21 gstatic.com
fonts.gstatic.com
www.gstatic.com
p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com
csi.gstatic.com
265 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 617
csm.us.criteo.net — Cisco Umbrella Rank: 2648
198 KB
12 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 8678
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 1105
ws-na.amazon-adsystem.com — Cisco Umbrella Rank: 19248
wms-na.amazon-adsystem.com — Cisco Umbrella Rank: 27027
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 7834
126 KB
7 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1216
www.googleadservices.com — Cisco Umbrella Rank: 150
463 B
6 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 2580
cat.va.us.criteo.com — Cisco Umbrella Rank: 2524
rtb.va.us.criteo.com — Cisco Umbrella Rank: 5926
42 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
338 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
876 B
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
6 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1405
604 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 363
1 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 3684
r3---sn-ab5sznzy.gvt1.com — Cisco Umbrella Rank: 375837
1 MB
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 7426
622 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6926
542 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 7034
641 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2178
173 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 6397
730 B
1 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 504
3 KB
1 amazonaws.com
s3.us-east-2.amazonaws.com
638 B
179 21
Domain Requested by
32 all-news.co 1 redirects s3.us-east-2.amazonaws.com
all-news.co
29 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
s3.us-east-2.amazonaws.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
19 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
all-news.co
17 pagead2.googlesyndication.com all-news.co
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
14 static.criteo.net ads.us.criteo.com
11 www.gstatic.com googleads.g.doubleclick.net
6 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
6 www.googleadservices.com all-news.co
6 www.googletagservices.com googleads.g.doubleclick.net
s3.us-east-2.amazonaws.com
6 fonts.gstatic.com fonts.googleapis.com
5 www.google.com 3 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
5 fonts.googleapis.com all-news.co
googleads.g.doubleclick.net
4 wms-na.amazon-adsystem.com ws-na.amazon-adsystem.com
all-news.co
4 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
all-news.co
3 csm.us.criteo.net ads.us.criteo.com
2 sync.teads.tv 1 redirects
2 match.adsrvr.org 2 redirects
2 rtb.va.us.criteo.com all-news.co
googleads.g.doubleclick.net
2 csi.gstatic.com www.gstatic.com
2 cat.va.us.criteo.com ads.us.criteo.com
2 ads.us.criteo.com s3.us-east-2.amazonaws.com
googleads.g.doubleclick.net
2 p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com
2 fls-na.amazon-adsystem.com ws-na.amazon-adsystem.com
all-news.co
1 ius.ctnsnet.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 tr.blismedia.com googleads.g.doubleclick.net
1 aep.mxptint.net 1 redirects
1 r3---sn-ab5sznzy.gvt1.com googleads.g.doubleclick.net
1 redirector.gvt1.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 m.media-amazon.com ws-na.amazon-adsystem.com
1 ws-na.amazon-adsystem.com all-news.co
1 z-na.amazon-adsystem.com all-news.co
1 s3.us-east-2.amazonaws.com
179 35

This site contains links to these domains. Also see Links.

Domain
www.amazon.com
www.facebook.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2024-02-28		 a year crt.sh
all-news.co
R3		 2023-06-27 -
2023-09-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
z-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-18 -
2024-02-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-05-07		 a year crt.sh
ws-na.assoc-amazon.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-01-21		 10 months crt.sh
wms-na.assoc-amazon.com
Amazon RSA 2048 M01		 2023-03-21 -
2024-01-14		 10 months crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-10-19 -
2023-10-18		 a year crt.sh
fls-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-27 -
2023-09-23		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2023-10-13		 3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-09 -
2023-11-07		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh

This page contains 25 frames:

Primary Page: https://all-news.co/
Frame ID: B8F679AF7ABC2F6037587E2EBBF6694B
Requests: 54 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Frame ID: DEFDE8C667581C833DA4DC041F368B48
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: E1B11FF06853F9F6A019F346FCC1347A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1691942892&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891795&bpp=31&bdt=1239&idt=244&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6044218633756&frm=20&pv=2&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=306
Frame ID: B9CA905385198E35DB0D956D01AA4E1D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Frame ID: A527797FE867B569041FE42FAB92AFA3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F28478DE8080905005F332F735DADED5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1842FC2DFF8E1C1CC854BD43B2784876
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: B0F055B3D0912E9C0E9F3405367A9652
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 750EBBBA29B0F96B62A8D7D448BEAFEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: E82464C32FCC82D1B3D11F736C270A4B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 899D64501EE14302DB1DE314F57D59A1
Requests: 2 HTTP requests in this frame

Frame: https://p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 683AF211005051CF91DEF85C2EBC1842
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 677E498F62E0DF5B504E71DCC5188A20
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Frame ID: 846CFAADA824DB95474DCF90C767E6AF
Requests: 7 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019
Frame ID: DCADBE3DC5EFB4813EAC76EC041309F0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 85656408C2F805152E92EF4E1D744FB8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: 2CFFB96A36981D8A88218295F09C622B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: 1E648F84D2C696B688C9968994E66EFD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: A2A90929D56811CC30B082646E01F83C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Frame ID: 6B56FF3966887FC7F9C30274E3BBFCC8
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: EBA10A300E4DF89075A635F832CDC4E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88F614ADAED94A14283CFDC2A1E81360
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 85C9821C81216399E7D5FE625914FB96
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: B53A3ED0E7A237BF9406ADE4B13FE32F
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C62905BAE52C0C901D9DBF9789985C6C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - All-News

Page URL History Show full URLs

  1. https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html Page URL
  2. http://162.55.49.247/??Z289MSZzMT0xNjg4MjMwJnMyPTE4NDc3ODE3NyZzMz1CRQ== HTTP 302
    http://all-news.co/ HTTP 301
    https://all-news.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

179
Requests

94 %
HTTPS

46 %
IPv6

21
Domains

35
Subdomains

30
IPs

5
Countries

5845 kB
Transfer

8397 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html Page URL
  2. http://162.55.49.247/??Z289MSZzMT0xNjg4MjMwJnMyPTE4NDc3ODE3NyZzMz1CRQ== HTTP 302
    http://all-news.co/ HTTP 301
    https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 102
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 111
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_gOjvNxD-BBjOAjII6E-D0_Gk0pc HTTP 301
  • https://tpc.googlesyndication.com/simgad/14686781224696614018
Request Chain 113
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C1AurTHPYZMf5CYer_gTs0rWYC-bTl59ytOiIoJURZBABIMzT7IIBYMnujovApIwQoAGBya_UA8gBAagDAcgDywSqBMcBT9A061-JLTEF7fx2nRyGKfyFOFM0HP6OYhVVemBXhEFTozz6VC5TKTfIHw_RWTY2gfj-aM8hFrRkbl2_E5vQKrSAeytot_y3QPvimDUEXnRyl6enbuTRHcBstGsYvCjBs9r9q6gnf3qnn_Px_2uva0wU7HoQx2nTcrxC9QVptsgEu17ngupbEFWuopzycF31kdfWqi5WxfoUxuPCjoBEN2h-5fItAEF0lSJz--wxDIQqm_sonFamfvukwTRCw6W2OzyyF43R58AEiZueoboEkgUECAQYAZIFBAgFGASAB6KOkbEEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnIMB0ggUCIBhEAEYHzICigI6AoBASL39wTqaCVNodHRwczovL2ZpbmQuYW5zd2Vycy5jb20vZmluYW5jZS9hLWJlZ2lubmVycy1ndWlkZS10by1jYXJwZW50cnktYnVzaW5lc3MtaW5zdXJhbmNlL4AKAcgLAaIMCCoGCgTDsLEC2gwQCgoQwO7Tl7OxhJtKEgIBA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=LABMHH04IC4&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWmledIrFjDsLvUdza6eyG_Ru2c2rMhBgB&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3447370ea069bbb0000000000000000%22,%222%22:%220xcf90c3578d9a64970000000000000000%22,%225%22:%220x9ab19888408898160000000000000000%22},%22debug_key%22:%224381268989038067461%22,%22debug_reporting%22:true,%22destination%22:%22https://answers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982246529%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227269795097559619873%22}&andc=true
Request Chain 114
  • https://redirector.gvt1.com/videoplayback?id=aa3f3ea88b447480&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1691914092&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=4695572B2FB619C34D5DF355B2003FD0A45B660C.3DE09049CB4F6627798B75F7E960F0A6F120630C&key=ck2 HTTP 302
  • https://r3---sn-ab5sznzy.gvt1.com/videoplayback?id=aa3f3ea88b447480&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1691914092&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=35C860ADA5EBD9E7860F2B88BE1E180C350EA7E0.81FDE757C285CF613C401CB115ED7278B783EB81&key=cms1&cms_redirect=yes&mh=mS&mip=2602:ffc8:2:104::14&mm=28&mn=sn-ab5sznzy&ms=nvh&mt=1691906397&mv=u&mvi=3&pl=48
Request Chain 121
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKVB4THPYZPOMCYXFxtYP-OSb-AOHzuCdcu-RwvnYDoC8jqeRDhABIMzT7IIBYMnujovApIwQoAG_8oHxAsgBAagDAcgDywSqBNcBT9AS4IlKS2R-lwW3-teMU8F4kcOtUSg8qJOta8VJVTb-Z8e711v_TKnhBo1IoPjNC4FOY9JlaqOc7LHJMvMlA_6-4AT5PUmD175bOYzrNTrtVTE0oFDktz8AGTOi9toEEoV6hOokW5bsy4nPoYxbZ1SDLH5TA3A9FuXp8YU7hSiz09YN_5MpcODMBAk6nof2l1rRlmxo4nKotLA4oSNQQmxqXQOwWTdev-ZvgRgeW1srdxHR62vBScLEf8S3g6A-EMJh7xmVpnvW76H-yCQ2YvV6Md2eYErABIv-ztfeA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAepjf6OAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENTWBdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgk5aHR0cHM6Ly9zb29saW5lbi5jb20vY29sbGVjdGlvbnMvYWxsP3NvcnRfYnk9YmVzdC1zZWxsaW5ngAoByAsBogwIKgYKBMOwsQLaDBEKCxCg18Kc68u97OABEgIBA9gTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=ixMfliIh2hY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWkGOe6OfF9yTbIuffsmVvrTUwfAoLuxgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7b62d8278654bbae0000000000000000%22,%222%22:%220x697a198b3525b5fd0000000000000000%22,%225%22:%220xd250571933b4fbca0000000000000000%22},%22debug_key%22:%223881623447659549827%22,%22debug_reporting%22:true,%22destination%22:%22https://soolinen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773880127%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227996300939055677665%22}&andc=true
Request Chain 122
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 127
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cz7nETHPYZPGMCYXFxtYP-OSb-AOA48PHcYzA3vf5EAoQASDM0-yCAWDJ7o6LwKSMEKAB7LPywAHIAQKoAwHIA8kEqgTNAU_QAQhUr40qI9ZFD_zQG90nsS60eNThYOIyIcGkxWCz0oSZfjqm0cfF6ISjvb1oUGQG8OCR_A8fp_EmzfI6AZefi4vK7mok0yIlUKyyQ_OtJmb4rlq-8hQUKWbrfPWXHJGKHGDTyAusxB7lEyzLMYYGyRI3ixZqOl6X-dBSDrguHw6QrTi9eaVkUjY-LiziXM0y7_asFCXYlMsd02K8TyrGb3cDKMdWBbRh8QHfyNyiU4dUiRLkHZ5hydTcZTcUgiIq6-u65hMaGFpXt2LABP6t1beOBJIFBAgEGAGSBQQIBRgEoAYCgAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENO-BNIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgktaHR0cHM6Ly9tYWRtdXNjbGVzLmNvbS9zdGVwLWdvYWw_cHA9bW1fMTAwX3d1gAoByAsBogwIKgYKBMOwsQLaDBAKChDAybnpr-GhjFkSAgED2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=8qP5Oxczsgk&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWkGOe6OfF9yTbIuffsmVvrTUwfAoLuxgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2d3e65a8ff022ad70000000000000000%22,%222%22:%220x4880c9b72bdd713c0000000000000000%22,%225%22:%220x76bb5f0421a19e080000000000000000%22},%22debug_key%22:%222576256217738835673%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226152945655089306401%22}&andc=true
Request Chain 168
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEORLBUUFi734MrUBWHK4miw&google_cver=1&google_push=AXcoOmRHAPwnslgh9Jz8O5nuNT6VPidZ-7AlTUSV7rKfq0qXyeyoVOsfxL_gX4kihyE4vifkZ9etpm58W-IWvvADXtrigucTpcs-SA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRHAPwnslgh9Jz8O5nuNT6VPidZ-7AlTUSV7rKfq0qXyeyoVOsfxL_gX4kihyE4vifkZ9etpm58W-IWvvADXtrigucTpcs-SA&google_hm=UjMzNjQ1XzEwNzU0QzY2QV8xMTdGMEIzMEU%3D
Request Chain 169
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJugBqVG71BbCgbjaaiqiEU&google_cver=1&google_push=AXcoOmSbhSA8MZMdwQSTXOhJmhvNyWhGn_HbzGodU44b3GTHyAxNiJ90UuemOnYXjq9h8yrkWJvb_tPPnJzye2CxeLuzUXXy50VHWg HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJugBqVG71BbCgbjaaiqiEU&google_cver=1&google_push=AXcoOmSbhSA8MZMdwQSTXOhJmhvNyWhGn_HbzGodU44b3GTHyAxNiJ90UuemOnYXjq9h8yrkWJvb_tPPnJzye2CxeLuzUXXy50VHWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDM5MDZmNjYtMjE3Zi00NWU0LTljM2ItZTYzNGM4ZWI0NGUz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=03906f66-217f-45e4-9c3b-e634c8eb44e3
Request Chain 172
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECziQMFddgPYYOKTRqtdzt8&google_cver=1&google_push=AXcoOmQ8TfjWQiqLvoTs5O4z1jB1Re11JLV17xPSlgn5-hUpwXIqx349qEBuw41-kHvyozRG8C8LomdkNCza5K1Rek_nN2dNtA-O-g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI0NzM2MzY0NzM1NDM4OTkyOTE&google_push=AXcoOmQ8TfjWQiqLvoTs5O4z1jB1Re11JLV17xPSlgn5-hUpwXIqx349qEBuw41-kHvyozRG8C8LomdkNCza5K1Rek_nN2dNtA-O-g
Request Chain 173
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEF5Ixa_QVLR1cFnM7WR7lFY&google_cver=1&google_push=AXcoOmTHTg3GTWaUkQQH8_QHglZRuerbxNt6di1CAp7dF2MVa7Rf8oNKRD__7GewCbND6O1qdTSGy-gavBOuGJ2ohcnPEdky-9ic098 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTHTg3GTWaUkQQH8_QHglZRuerbxNt6di1CAp7dF2MVa7Rf8oNKRD__7GewCbND6O1qdTSGy-gavBOuGJ2ohcnPEdky-9ic098&google_hm=3UCS6dFmQoOwZqTqQH2s0yw
Request Chain 174
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFFCcU9pmoO9sxhG89Tb1xQ&google_cver=1&google_push=AXcoOmSIW5C7uE5Gh_V6unbHXEktEicECAq2BVEGrSNsKUY1nnidNYpva8KFqxZxc9s-EoseZzNW6_XYF_O0deArtqUp5G7l48l7oQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YjM2OTNiN2ItODViMS00M2M4LThkNzQtMzMwNWQyNWZiMDFj&google_push=AXcoOmSIW5C7uE5Gh_V6unbHXEktEicECAq2BVEGrSNsKUY1nnidNYpva8KFqxZxc9s-EoseZzNW6_XYF_O0deArtqUp5G7l48l7oQ HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

179 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
hrefly.html
s3.us-east-2.amazonaws.com/postsupport/ 		244 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.178.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
244
Content-Type
text/html
Date
Sun, 13 Aug 2023 06:08:09 GMT
ETag
"eb04cd73b61e445242a35b886bfc95c1"
Last-Modified
Sat, 12 Aug 2023 14:39:22 GMT
Server
AmazonS3
x-amz-id-2
stYy8ui2N1apD23GMPAVxwhootMgoU76dpu5IDTJn4EZap1hGUnWHjUuoW6eAaIZ82BP7E2Zs5g=
x-amz-request-id
YCFB3E0A2SE3C0NE
x-amz-server-side-encryption
AES256
Primary Request /
all-news.co/
Redirect Chain
  • http://162.55.49.247/??Z289MSZzMT0xNjg4MjMwJnMyPTE4NDc3ODE3NyZzMz1CRQ==
  • http://all-news.co/
  • https://all-news.co/
607 KB
608 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://all-news.co/
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 / PHP/8.0.27
Resource Hash
dca6f5f1ade8662963a0f42e7bb490b1118749773139a2b8ada1d01451454b7f

Request headers

Referer
https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html#?Z289MSZzMT0xNjg4MjMwJnMyPTE4NDc3ODE3NyZzMz1CRQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 13 Aug 2023 06:08:09 GMT
Keep-Alive
timeout=5, max=100
Link
<https://all-news.co/index.php?rest_route=/>; rel="https://api.w.org/" <https://all-news.co/index.php?rest_route=/wp/v2/pages/957>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
Transfer-Encoding
chunked
X-Powered-By
PHP/8.0.27

Redirect headers

Connection
Keep-Alive
Content-Length
228
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 13 Aug 2023 06:08:08 GMT
Keep-Alive
timeout=5, max=100
Location
https://all-news.co/
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
wp-emoji-release.min.js
all-news.co/wp-includes/js/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Thu, 30 Mar 2023 05:37:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"4904-5f8177dd7124a"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18692
style.min.css
all-news.co/wp-includes/css/dist/block-library/ 		95 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:10 GMT
Last-Modified
Thu, 30 Mar 2023 05:37:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"17ced-5f8177dd6e752"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
97517
classic-themes.min.css
all-news.co/wp-includes/css/ 		291 B
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:10 GMT
Last-Modified
Thu, 30 Mar 2023 05:37:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"123-5f8177dd6b872"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
291
style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 		37 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:10 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"92ec-5f71c1544542e"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
37612
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de6d4227d7c2186856dc98c33eb45cf3b0e6cf946c5711f139b21e14cdf30479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 06:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 04:16:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 06:08:10 GMT
style.css
all-news.co/wp-content/themes/Newspaper/ 		149 KB
150 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:10 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"2557c-5f71c14ef049f"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
152956
td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		161 KB
161 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:10 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"2828e-5f71c154f25ad"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
164494
tdb_main.css
all-news.co/wp-content/plugins/td-cloud-library/assets/css/ 		34 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"882f-5f71c15bec76d"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
34863
jquery.min.js
all-news.co/wp-includes/js/jquery/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Thu, 30 Mar 2023 05:37:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"15ed7-5f8177dd72da2"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
89815
jquery-migrate.min.js
all-news.co/wp-includes/js/jquery/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Thu, 30 Mar 2023 05:37:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"3470-5f8177dd71e02"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
13424
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d6b107f1023bcba6991a3e009b5697cef08981a1bfe46670dc04f73c45a746b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Origin
https://all-news.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50797
x-xss-protection
0
server
cafe
etag
15257387160838527907
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:11 GMT
ALLNEWS-logo-final-1.png
all-news.co/wp-content/uploads/2022/12/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2022/12/ALLNEWS-logo-final-1.png
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 30 Dec 2022 18:13:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"1ada4-5f10f8fb79eed"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
109988
onejs
z-na.amazon-adsystem.com/widgets/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.32.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-32-125.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
fd06b0de1a9d419768e7466f02c052e3c9d244a59059dfa1dd3c4901ed3d5ee0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
Public
date
Sat, 12 Aug 2023 09:33:39 GMT
content-encoding
gzip
via
1.1 38f01abc783d44e34c757455ac9006ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P5
age
74072
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=86400,s-maxage=86400,no-transform
content-length
7988
x-amz-cf-id
OwhDAlnbaMf7TnVaUxIlqe4KZcFleXAEycZTZWh0K3XyW4g56OuA3w==
expires
Sun, 13 Aug 2023 09:33:39 GMT
ALLNEWS-logo-final-1.png
all-news.co/wp-content/uploads/2022/12/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2022/12/ALLNEWS-logo-final-1.png
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 30 Dec 2022 18:13:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"1ada4-5f10f8fb79eed"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
109988
mobile-bg.jpg
all-news.co/wp-content/uploads/2023/01/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/01/mobile-bg.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Tue, 10 Jan 2023 16:25:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"abd5-5f1eb56bff015"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43989
newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by
Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer
https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Origin
https://all-news.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"82d0-5f71c14ef1057"
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
33488
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://all-news.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 01:27:04 GMT
x-content-type-options
nosniff
age
189667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 01:27:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://all-news.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 01:11:33 GMT
x-content-type-options
nosniff
age
363398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 01:11:33 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://all-news.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 01:19:33 GMT
x-content-type-options
nosniff
age
190118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 01:19:33 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0976a1920eb81b84506c17248954d1d40dac02ea043be8895437387cd68619e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50802
x-xss-protection
0
server
cafe
etag
10163922186269425516
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
562138050aceed3b196b34b7e2fd1ba81861345bfaa2dca7ddd7845ffd4e80cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Origin
https://all-news.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50793
x-xss-protection
0
server
cafe
etag
653973077131630496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:11 GMT
underscore.min.js
all-news.co/wp-includes/js/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Tue, 27 Sep 2022 15:18:25 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"4991-5e9aa27ccd240"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
18833
js_posts_autoload.min.js
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"14e2-5f71c15becb55"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
5346
tagdiv_theme.min.js
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		301 KB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"4b207-5f71c154f160d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
307719
comment-reply.min.js
all-news.co/wp-includes/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 08 Apr 2022 20:07:18 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"ba5-5dc2a2438e980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2981
js_files_for_front.min.js
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 		185 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"2e345-5f71c15becf3d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
189253
getad
aax-us-east.amazon-adsystem.com/x/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22placement%22%3A%22adunit%22%2C%22tracking_id%22%3A%22health0b30-20%22%2C%22ad_mode%22%3A%22manual%22%2C%22ad_type%22%3A%22smart%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22linkid%22%3A%2202331546e37f6931a1bffb7fe5b9b9a3%22%2C%22design%22%3A%22enhanced_links%22%2C%22asins%22%3A%22B0014C5S7S%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22health0b30-20%22%2C%22slotNum%22%3A0%2C%22ead%22%3A1%7D&u=https%3A%2F%2Fall-news.co%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a48f582be40138d5727e6b2205212c13a6abddd1f0b19c71d2fc78781fbe519f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VY20CAE9EMBX0ZK2TMKD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
89499
q
ws-na.amazon-adsystem.com/widgets/ Frame DEFD 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8c2515bcb3c72f052e85ed1c062a96cccca46160e46d604ae501354ff299610d

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
3422
Content-Type
text/html;charset=UTF-8
Date
Sun, 13 Aug 2023 06:08:11 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8
p3p
policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Fri, 17 Mar 2023 17:41:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"10fc-5f71c154f3165"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
4348
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://all-news.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 01:41:45 GMT
x-content-type-options
nosniff
age
188786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 01:41:45 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ 		372 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1714a3c53be09a82d9f8618b763498eed6a43e0810d31c15cc9855fb338be49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128409
x-xss-protection
0
server
cafe
etag
4301201234301650572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:11 GMT
footer_bg.jpg
all-news.co/wp-content/uploads/2023/01/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/01/footer_bg.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
Last-Modified
Tue, 10 Jan 2023 16:25:54 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"1a481-5f1eb56835892"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
107649
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://all-news.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 01:12:48 GMT
x-content-type-options
nosniff
age
190523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 01:12:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame E1B1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
16918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 01:26:13 GMT
etag
12368291122986407432
expires
Sun, 27 Aug 2023 01:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame DEFD 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by
Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.20.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-20-174.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ws-na.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 07:51:25 GMT
via
1.1 57cb281e5423af1daf1086071d6858a4.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 23:28:59 GMT
server
Server
x-amz-cf-pop
CMH68-P3
age
1721806
etag
"593-5fd19cd024931"
x-cache
Hit from cloudfront
content-type
image/png
charset
UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1427
x-amz-cf-id
FL6XQlY1KGezStQH--cprDSL1W35sOI1KsN6Dz1wlvNYApQoTBGGlA==
expires
Mon, 31 Jul 2023 07:51:25 GMT
41-rSOtoD6L._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame DEFD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41-rSOtoD6L._AC_AC_SR98,95_.jpg
Requested by
Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
096fe96236767e41c9ad309188238cc85515e110df6422bf9fe6e732e095ee55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ws-na.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 20 Jul 2043 12:58:14 GMT
date
Sun, 13 Aug 2023 06:08:11 GMT
last-modified
Tue, 15 Nov 2022 01:42:51 GMT
age
1614930
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=630720000,public
x-amz-ir-id
69b103d7-c75b-45a1-9e57-88e77f59cc1f
server-timing
provider;desc="fy"
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
2977
x-served-by
cache-iad-kiad7000082-IAD, cache-ewr18143-EWR
prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame DEFD 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by
Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.20.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-20-174.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ws-na.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 06:39:44 GMT
via
1.1 57cb281e5423af1daf1086071d6858a4.cloudfront.net (CloudFront)
last-modified
Fri, 02 Jun 2023 00:00:57 GMT
server
Server
x-amz-cf-pop
CMH68-P3
age
1034907
etag
"d1d-5fd1a3f5c54b7"
x-cache
Hit from cloudfront
content-type
image/png
charset
UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3357
x-amz-cf-id
dgbbY1tSn8YY17hk7686XS0c071hZ2d-meWY61ekUOvHy5wduvX9rQ==
expires
Tue, 08 Aug 2023 06:39:44 GMT
json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame DEFD 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1691906891950&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22health0b30-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fall-news.co%2F%22%7D
Requested by
Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ws-na.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:11 GMT
x-amzn-RequestId
1f6b21fd-4f92-4722-83b8-ab51d6780a27
Content-Length
43
Content-Type
image/gif
cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame DEFD 		341 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by
Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.20.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-20-174.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ws-na.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 07:51:25 GMT
via
1.1 57cb281e5423af1daf1086071d6858a4.cloudfront.net (CloudFront)
last-modified
Fri, 02 Jun 2023 00:00:57 GMT
server
Server
x-amz-cf-pop
CMH68-P3
age
1721807
etag
"155-5fd1a3f5c73f7"
x-cache
Hit from cloudfront
content-type
image/gif
charset
UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
341
x-amz-cf-id
dnd_kErC2AgyuQG0ZnmC0ryaw1CVj_iQeSDIXdfs62kCB-AP75zQXQ==
expires
Mon, 31 Jul 2023 07:51:25 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbf51469666c1fc5b4fb1033fcdde2c994c8398b4d0e4540cb91855f7f996fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B9CA 		530 KB
102 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1691942892&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891795&bpp=31&bdt=1239&idt=244&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6044218633756&frm=20&pv=2&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e6f8956b7be4639f932a34d3a2fbc17647bd843b62f4c3887d91f6abbaf769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
103908
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:12 GMT
expires
Sun, 13 Aug 2023 06:08:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A527 		115 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d365d2a074425cc1b0e89e9504c18e39fcda62c79e39bcc0fe2c2caf81ee44b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39873
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:12 GMT
expires
Sun, 13 Aug 2023 06:08:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
amzn-widgets-enhanced-link-sprite-2x.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wms-na.amazon-adsystem.com/panda/20070822/US/img/amzn-widgets-enhanced-link-sprite-2x.png
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.20.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-20-174.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
dca47add5ff568fafdc259428258ba7400cf1443b713f75ff25f0a73439fdfc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 18:39:38 GMT
via
1.1 57cb281e5423af1daf1086071d6858a4.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jul 2023 00:29:35 GMT
server
Server
x-amz-cf-pop
CMH68-P3
age
2287714
etag
"4794-6001713ba3118"
x-cache
Hit from cloudfront
content-type
image/png
charset
UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18324
x-amz-cf-id
CO6yT-Y-ERy0wm813IRzium9EpZoNbNTvxaNdC85kvbbsEpVUesDNg==
expires
Mon, 24 Jul 2023 18:39:38 GMT
/
aax-us-east.amazon-adsystem.com/x/px/RBL6RphzSWYcBjohmoetXIwAAAGJ7YJgXQEAAAFKAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICAB-OSq/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/RBL6RphzSWYcBjohmoetXIwAAAGJ7YJgXQEAAAFKAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICAB-OSq/?assoc_payload=%7B%22regionId%22%3A%221%22%2C%22ref%22%3A%22sm_n_ma_dka_US_%22%2C%22adMode%22%3A%22manual%22%2C%22linkCode%22%3A%22w58%22%2C%22trackingId%22%3A%22health0b30-20%22%2C%22linkId%22%3A%2202331546e37f6931a1bffb7fe5b9b9a3%22%2C%22country%22%3A%22US%22%2C%22deviceType%22%3A%22BROWSER%22%2C%22searchBarPresent%22%3Atrue%2C%22defaultCategory%22%3A%22All%22%2C%22defaultSearchPhrase%22%3A%22%22%2C%22givenWidth%22%3A%22auto%22%2C%22givenHeight%22%3A%22auto%22%2C%22givenRows%22%3A1%2C%22logType%22%3A%22smart_hide%22%2C%22availableItems%22%3A%5B%5D%2C%22reason%22%3A%22No%20ASIN%20results%20at%20all%22%2C%22livePoolPCScore%22%3A-1%2C%22livePoolModelVersion%22%3A%22LivePoolV1%22%2C%22contXPCScore%22%3A-1%2C%22contXModelVersion%22%3A%22ContXV1%22%7D
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Aug 2023 06:08:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1T4DFFT1ZP10WNCVGRM5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
cm_:onejs_load_evt@v=3112,onejs_exec_time@v=3,aax_load_time@v=574,aax_load_time_smart@v=574
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=3112,onejs_exec_time@v=3,aax_load_time@v=574,aax_load_time_smart@v=574?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=52956ca1-97c3-4131-b441-018f2b1c596a&session=580c0a60-461d-4253-a18b-7733546d08aa
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:12 GMT
x-amzn-RequestId
78f554b9-72b9-45c5-b30f-85f4395d2662
Content-Type
text/plain
/
aax-us-east.amazon-adsystem.com/x/px/RBL6RphzSWYcBjohmoetXIwAAAGJ7YJgXQEAAAFKAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICAB-OSq/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/RBL6RphzSWYcBjohmoetXIwAAAGJ7YJgXQEAAAFKAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICAB-OSq/?assoc_payload=%7B%22regionId%22%3A%221%22%2C%22ref%22%3A%22sm_n_ma_dka_US_%22%2C%22adMode%22%3A%22manual%22%2C%22linkCode%22%3A%22w58%22%2C%22trackingId%22%3A%22health0b30-20%22%2C%22linkId%22%3A%2202331546e37f6931a1bffb7fe5b9b9a3%22%2C%22country%22%3A%22US%22%2C%22deviceType%22%3A%22BROWSER%22%2C%22searchBarPresent%22%3Atrue%2C%22defaultCategory%22%3A%22All%22%2C%22defaultSearchPhrase%22%3A%22%22%2C%22givenWidth%22%3A%22auto%22%2C%22givenHeight%22%3A%22auto%22%2C%22givenRows%22%3A1%2C%22logType%22%3A%22smart_hide_fallback%22%2C%22availableItems%22%3A%5B%5D%2C%22reason%22%3A%22No%20ASIN%20results%20at%20all%22%2C%22livePoolPCScore%22%3A-1%2C%22livePoolModelVersion%22%3A%22LivePoolV1%22%2C%22contXPCScore%22%3A-1%2C%22contXModelVersion%22%3A%22ContXV1%22%7D
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Aug 2023 06:08:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YKWN2Q6WDA0S18Q6H801
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22adViewability%22:[%7B%22above_the_fold%22:false,%22topPos%22:0.0016666666666666668,%22leftPos%22:0.00125%7D]%7D&cb=1552474
aax-us-east.amazon-adsystem.com/x/px/RBL6RphzSWYcBjohmoetXIwAAAGJ7YJgXQEAAAFKAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICAB-OSq/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/RBL6RphzSWYcBjohmoetXIwAAAGJ7YJgXQEAAAFKAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICAB-OSq/%7B%22adViewability%22:[%7B%22above_the_fold%22:false,%22topPos%22:0.0016666666666666668,%22leftPos%22:0.00125%7D]%7D&cb=1552474
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Aug 2023 06:08:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
29PX3JG73TDP5HS6Y2XK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
12e0c0bbc282de0324fc2c716af124fb.js
www.gstatic.com/mysidia/ Frame A527 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3920
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:13:48 GMT
17b11504dbe358eca20ea232cf228787.js
www.gstatic.com/mysidia/ Frame A527 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/17b11504dbe358eca20ea232cf228787.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c24d681529bb22ddbfa56a5a52dee1ab4f499365589f4d9fef1d04b9b22fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4169
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:14:04 GMT
css
fonts.googleapis.com/ Frame A527 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 05:17:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 06:08:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A527 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
20083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:33:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame A527 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:33:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A527 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A527 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A527 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:12 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame A527 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:13:48 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/8521334624262768470/ Frame A527 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8521334624262768470/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
960e1d9cf9716b3fcece185763e27b7a65e4b1a0c5727945c5a49010aa47efa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 16:44:08 GMT
x-content-type-options
nosniff
age
566644
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2110
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:03:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 05 Aug 2024 16:44:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame F284 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 05:16:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/reactive_library_fy2021.js?bust=31076963
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c274f78a1b548eea327ab519a769bf06a822cfb0dd3c5bf0a590003e771fad07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53699
x-xss-protection
0
server
cafe
etag
4765340485773386694
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:12 GMT
truncated
/ Frame A527 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a75828037b9ada903c17d2d785ec22b5d181cdd1b54aca8f9a4e0aed8665fca6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A527 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 01:45:10 GMT
x-content-type-options
nosniff
age
188582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 01:45:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 1842 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 03:00:58 GMT
etag
12368291122986407432
expires
Sun, 27 Aug 2023 03:00:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame B0F0 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 03:00:58 GMT
etag
12368291122986407432
expires
Sun, 27 Aug 2023 03:00:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 750E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 03:00:58 GMT
etag
12368291122986407432
expires
Sun, 27 Aug 2023 03:00:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame E824 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 03:00:58 GMT
etag
12368291122986407432
expires
Sun, 27 Aug 2023 03:00:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame F284
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:12 GMT
expires
Sun, 13 Aug 2023 06:08:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:12 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 1842 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 05:40:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 06:08:12 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1842 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 21:07:51 GMT
x-content-type-options
nosniff
age
464421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 06 Aug 2024 21:07:51 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1842 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 21:18:17 GMT
x-content-type-options
nosniff
age
550195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 05 Aug 2024 21:18:17 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 1842 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
19439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6441
x-xss-protection
0
server
cafe
etag
14691725014340836395
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:44:13 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 1842 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
19439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8576
x-xss-protection
0
server
cafe
etag
10593844011591499743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:44:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame B0F0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:33:26 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 899D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 05:16:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 683A 		247 B
869 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4bf51418238b06596aa349cfa22360c9ecedf7016216837ee254b0b514b228f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
204
content-security-policy-report-only
script-src 'nonce-GmsLbn6INYVq-sZRgYndLw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame B0F0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame B0F0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
6167958838746523951
tpc.googlesyndication.com/simgad/ Frame B0F0 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6167958838746523951?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkHhmGA8rIm3TmPhpS46YEI5K98vw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22ef10cbeac521537e04ebc266964ee3aed5065736f706704eb58ef351f4f26f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 19:39:01 GMT
x-content-type-options
nosniff
age
383351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14838
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 16:23:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 07 Aug 2024 19:39:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0F0 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:12 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame B0F0 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
19521
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14283
x-xss-protection
0
server
cafe
etag
10830060499921058150
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:42:51 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 677E 		54 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
678637684694d070848482535535207959a6703ab0c5365ec1b3b2169af3cf31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:12 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=5erj_Y3XDLPgGuSr3_oKexKqBXGZ2r48TQfma9u2Z6IBmLUGcpTPT62tcwwPTNaDuIQtkwsDZELkOncCi0P2vQh3aftiQhayj3k4MoAWhphIwyVXJyCuiZ5G7ku_KXY0c5QWYodQpGgOuo_dTQx_F5Cf6iMmT6LQFDuuBSmBhN5vHE2xdXArLm-o7iN25U5VhyJedbH_aQO8vnN2h87nSU7AqI-SQXRdE_fVs-hfJBcm6ifSIdDUZPH8kuP6fmcxTz7D7dTgSzyLqX4V"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3623222
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 846C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 846C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 846C 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/postsupport/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:12 GMT
12e0c0bbc282de0324fc2c716af124fb.js
www.gstatic.com/mysidia/ Frame E824 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3920
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:13:48 GMT
17b11504dbe358eca20ea232cf228787.js
www.gstatic.com/mysidia/ Frame E824 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/17b11504dbe358eca20ea232cf228787.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c24d681529bb22ddbfa56a5a52dee1ab4f499365589f4d9fef1d04b9b22fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4169
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:14:03 GMT
css
fonts.googleapis.com/ Frame E824 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 05:38:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 06:08:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame E824 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
20083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:33:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame E824 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:33:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame E824 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame E824 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E824 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:12 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame E824 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:13:48 GMT
12e0c0bbc282de0324fc2c716af124fb.js
www.gstatic.com/mysidia/ Frame DCAD 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3920
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:13:48 GMT
2f535b9406961ba311420c610f64e4c9.js
www.gstatic.com/mysidia/ Frame DCAD 		153 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2f535b9406961ba311420c610f64e4c9.js?tag=gpa/dynamic_fig_web_banner_v2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
988e33eacbaca6e410c03a4c889b385d7f6e09786ca5d6716c5c848523cb8a31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57481
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:15:55 GMT
css
fonts.googleapis.com/ Frame DCAD 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 05:51:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 06:08:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame DCAD 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
20083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:33:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame DCAD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:33:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame DCAD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame DCAD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DCAD 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:12 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame DCAD 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 20:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 20:13:48 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 899D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:13 GMT
expires
Sun, 13 Aug 2023 06:08:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:12 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8565 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 05:16:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 677E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 06:08:13 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 677E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 06:08:13 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 677E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 07 Aug 2024 06:08:13 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 677E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 07 Aug 2024 06:08:13 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 677E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=nyV52ikdYVnQ8qUY7blqVnH_mot_yz1EjKNN9enomp2X9viwO4hmfi_LEUiKn8YfvplLV5LQULZfUBk3NQdJ3_krkbcJt56-3wCVEFp5L-W39RiKBNuIPExYLHLICL9XUCwZFdShaQ9V7bfmiSATC7tsO1F_iUOeMYEjejeQxatXBYfYK_WbKUyU3bbgAVs7a-EerEkWQ-KJsEBRP2BdrWlXu3d3Xvn0MGrJJpDzLugko5XU-NPXpBYZFT8H15VPv2akXbmpVXaJooVHwldpegNOmNbDFpvS5Tkv0SlMZeyprtTCnI41M8ZN53ykbZL4hQD3EffMMbXIhz9IgoYeB6FChWMySTjvdgU1dWLJ340N4TAATD8EcorI03FTaYJPfo0-A9jwg8w5ojz_oUPn_I4f1YjOAx5r1vs7WWrqOwFWAc60q_zGrSeX9d1GjDUg1sQhEP2_pEvPT-7QRbDU9FdpqgY
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3105472
expires
Mon, 26 Jul 1997 05:00:00 GMT
654463440726440bb8628f33834a7009_image_ad_160x600.jpeg
static.criteo.net/design/dt/106573/4855026/ Frame 677E 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/106573/4855026/654463440726440bb8628f33834a7009_image_ad_160x600.jpeg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
4e2d542fd70430f7f15c1d0f72c94e3e3d36adc39f0a1f01e5bbfa3b2b0558eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Jul 2023 19:50:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64b98ff6-18506"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
99590
expires
Wed, 07 Aug 2024 06:08:13 GMT
csi
csi.gstatic.com/ Frame DCAD 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll91oht6&c=8440166364753&slotId=4220083182376.5&qqid=CPDisqr82IADFYWi0QQdePIGPw&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2f535b9406961ba311420c610f64e4c9.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:823::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14686781224696614018
tpc.googlesyndication.com/simgad/ Frame DCAD
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_gOjvNxD-BBjOAjII6E-D0_Gk0pc
  • https://tpc.googlesyndication.com/simgad/14686781224696614018
50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14686781224696614018
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da9e74b257da3d05a8934693a93e8680e04211a4670542ef057131401da8b03e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 09:51:48 GMT
x-content-type-options
nosniff
age
159385
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51627
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 19:31:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Aug 2024 09:51:48 GMT

Redirect headers

date
Sat, 12 Aug 2023 15:58:45 GMT
x-content-type-options
nosniff
server
cafe
age
50968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/14686781224696614018
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 11 Sep 2023 15:58:45 GMT
truncated
/ Frame E824 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb54976f5284b43f089719e5dbb5e79cdeea41b723c4c2ae02c5782421fe40e0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame A527
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C1AurTHPYZMf5CYer_gTs0rWYC-bTl59ytOiIoJURZBABIMzT7IIBYMnujovApIwQoAGBya_UA8gBAagDAcgDywSqBMcBT9A061-JLTEF7fx2nRyGKfyFOFM0HP6OYhVVemBXhEFTozz6VC5...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3447370ea069bbb0000000000000000%22,%222%22:%220xcf90c3578d9a64970000000000000000%22,%225%22:%220x9ab1988...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3447370ea069bbb0000000000000000%22,%222%22:%220xcf90c3578d9a64970000000000000000%22,%225%22:%220x9ab19888408898160000000000000000%22},%22debug_key%22:%224381268989038067461%22,%22debug_reporting%22:true,%22destination%22:%22https://answers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982246529%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227269795097559619873%22}&andc=true
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x3447370ea069bbb0000000000000000","2":"0xcf90c3578d9a64970000000000000000","5":"0x9ab19888408898160000000000000000"},"debug_key":"4381268989038067461","debug_reporting":true,"destination":"https://answers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["982246529"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"7269795097559619873"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 13 Aug 2023 06:08:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3447370ea069bbb0000000000000000","2":"0xcf90c3578d9a64970000000000000000","5":"0x9ab19888408898160000000000000000"},"debug_key":"4381268989038067461","debug_reporting":true,"destination":"https://answers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["982246529"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"7269795097559619873"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
videoplayback
r3---sn-ab5sznzy.gvt1.com/ Frame DCAD
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=aa3f3ea88b447480&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1691914092&sparams=ip,ipbits,expire,id,...
  • https://r3---sn-ab5sznzy.gvt1.com/videoplayback?id=aa3f3ea88b447480&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1691914092&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-ab5sznzy.gvt1.com/videoplayback?id=aa3f3ea88b447480&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1691914092&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=35C860ADA5EBD9E7860F2B88BE1E180C350EA7E0.81FDE757C285CF613C401CB115ED7278B783EB81&key=cms1&cms_redirect=yes&mh=mS&mip=2602:ffc8:2:104::14&mm=28&mn=sn-ab5sznzy&ms=nvh&mt=1691906397&mv=u&mvi=3&pl=48
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
2607:f8b0:4006:15::8 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9285aa656e47f5a5e92265a10f7fa7901542e59983ec35c624fc3cccbc8cd4df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

client-protocol
quic
date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 16 Jul 2023 03:04:07 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-1224692/1224693
cache-control
private, max-age=6899
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1224693
expires
Sun, 13 Aug 2023 06:08:13 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-ab5sznzy.gvt1.com/videoplayback?id=aa3f3ea88b447480&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1691914092&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=35C860ADA5EBD9E7860F2B88BE1E180C350EA7E0.81FDE757C285CF613C401CB115ED7278B783EB81&key=cms1&cms_redirect=yes&mh=mS&mip=2602:ffc8:2:104::14&mm=28&mn=sn-ab5sznzy&ms=nvh&mt=1691906397&mv=u&mvi=3&pl=48
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
706
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 683A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3b5c078458fbd01db6017cad01bee6ebafe6fef8f607793f6c829394a03679e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1989
content-security-policy-report-only
script-src 'nonce-mzuX4yWlRkUKzQ9Q7VEDXw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Fri, 03 Feb 2023 22:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
pagead2.googlesyndication.com/bg/ Frame 2CFF 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1691942892&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906891826&bpp=13&bdt=1270&idt=282&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hjyH9XXYT2&p=https%3A//all-news.co&dtd=291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 06:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
431738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:12:35 GMT
all
csm.us.criteo.net/ Frame 677E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=5erj_Y3XDLPgGuSr3_oKexKqBXGZ2r48TQfma9u2Z6IBmLUGcpTPT62tcwwPTNaDuIQtkwsDZELkOncCi0P2vQh3aftiQhayj3k4MoAWhphIwyVXJyCuiZ5G7ku_KXY0c5QWYodQpGgOuo_dTQx_F5Cf6iMmT6LQFDuuBSmBhN5vHE2xdXArLm-o7iN25U5VhyJedbH_aQO8vnN2h87nSU7AqI-SQXRdE_fVs-hfJBcm6ifSIdDUZPH8kuP6fmcxTz7D7dTgSzyLqX4V&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 13 Aug 2023 06:08:13 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 677E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 06:08:13 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 677E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 06:08:13 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3447370ea069bbb0000000000000000%22,%222%22:%220xcf90c3578d9a64970000000000000000%22,%225%22:%220x9ab19888408898160000000000000000%22},%22debug_key%22:%224381268989038067461%22,%22debug_reporting%22:true,%22destination%22:%22https://answers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982246529%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227269795097559619873%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 13 Aug 2023 06:08:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame E824
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKVB4THPYZPOMCYXFxtYP-OSb-AOHzuCdcu-RwvnYDoC8jqeRDhABIMzT7IIBYMnujovApIwQoAG_8oHxAsgBAagDAcgDywSqBNcBT9AS4IlKS2R-lwW3-teMU8F4kcOtUSg8qJOta8VJVTb...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7b62d8278654bbae0000000000000000%22,%222%22:%220x697a198b3525b5fd0000000000000000%22,%225%22:%220xd25057...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7b62d8278654bbae0000000000000000%22,%222%22:%220x697a198b3525b5fd0000000000000000%22,%225%22:%220xd250571933b4fbca0000000000000000%22},%22debug_key%22:%223881623447659549827%22,%22debug_reporting%22:true,%22destination%22:%22https://soolinen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773880127%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227996300939055677665%22}&andc=true
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x7b62d8278654bbae0000000000000000","2":"0x697a198b3525b5fd0000000000000000","5":"0xd250571933b4fbca0000000000000000"},"debug_key":"3881623447659549827","debug_reporting":true,"destination":"https://soolinen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["773880127"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"7996300939055677665"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 13 Aug 2023 06:08:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7b62d8278654bbae0000000000000000","2":"0x697a198b3525b5fd0000000000000000","5":"0xd250571933b4fbca0000000000000000"},"debug_key":"3881623447659549827","debug_reporting":true,"destination":"https://soolinen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["773880127"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"7996300939055677665"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8565
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:13 GMT
expires
Sun, 13 Aug 2023 06:08:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:13 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
pagead2.googlesyndication.com/bg/ Frame 1E64 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 06:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
431738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:12:35 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7b62d8278654bbae0000000000000000%22,%222%22:%220x697a198b3525b5fd0000000000000000%22,%225%22:%220xd250571933b4fbca0000000000000000%22},%22debug_key%22:%223881623447659549827%22,%22debug_reporting%22:true,%22destination%22:%22https://soolinen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773880127%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227996300939055677665%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 13 Aug 2023 06:08:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B0F0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3096d7f3afd74d0a3b24e6103862e36575aa624fabf757c497a10ecf573c389

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
pagead2.googlesyndication.com/bg/ Frame A2A9 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 06:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
431738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:12:35 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame B0F0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cz7nETHPYZPGMCYXFxtYP-OSb-AOA48PHcYzA3vf5EAoQASDM0-yCAWDJ7o6LwKSMEKAB7LPywAHIAQKoAwHIA8kEqgTNAU_QAQhUr40qI9ZFD_zQG90nsS60eNThYOIyIcGkxWCz0oSZfjq...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2d3e65a8ff022ad70000000000000000%22,%222%22:%220x4880c9b72bdd713c0000000000000000%22,%225%22:%220x76bb5f...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2d3e65a8ff022ad70000000000000000%22,%222%22:%220x4880c9b72bdd713c0000000000000000%22,%225%22:%220x76bb5f0421a19e080000000000000000%22},%22debug_key%22:%222576256217738835673%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226152945655089306401%22}&andc=true
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2d3e65a8ff022ad70000000000000000","2":"0x4880c9b72bdd713c0000000000000000","5":"0x76bb5f0421a19e080000000000000000"},"debug_key":"2576256217738835673","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"6152945655089306401"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 13 Aug 2023 06:08:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2d3e65a8ff022ad70000000000000000","2":"0x4880c9b72bdd713c0000000000000000","5":"0x76bb5f0421a19e080000000000000000"},"debug_key":"2576256217738835673","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"6152945655089306401"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 846C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd00f5966dd205e8868c2d30e3f56450d577ffa438df1591ea83b11f19a18617

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 846C 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CWQV_THPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEuQFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8Ay1hUfBSfPNZbmuJ9cevl8JY1l-LdBGHYcRs8R8DQ9K8VhG0hTBoAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=uRlX4OQ5NdY&uach_m=[UACH]&cid=CAQSGwBpAlJWkGOe6OfF9yTbIuffsmVvrTUwfAoLuxgB&cbvp=2&vis=1
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 13 Aug 2023 06:08:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 846C 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kM7XF9SCMKAB2ATiIp0XAgAAABcU2hc9dyEMEEtz2GQAd7hKJ1rRj8LzAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&cbvp=2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
157666
server
Kestrel
content-length
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2d3e65a8ff022ad70000000000000000%22,%222%22:%220x4880c9b72bdd713c0000000000000000%22,%225%22:%220x76bb5f0421a19e080000000000000000%22},%22debug_key%22:%222576256217738835673%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226152945655089306401%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 13 Aug 2023 06:08:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6B56 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b611ba3d781e372a10896ce069551c8681fca38e978daf8a8af06ef12698bc2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15775
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
5545-jerry-jones-cowboys-wont-cave-to-zack-martin-holdout.jpg
all-news.co/wp-content/uploads/2023/07/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5545-jerry-jones-cowboys-wont-cave-to-zack-martin-holdout.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
ad679a3f41ad8cdd3199b9b5de81b3dcfdf776259b9d182d1ef4436dedabb652

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sun, 30 Jul 2023 04:47:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"9f8-601ad02464a72"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2552
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1c702c7c66af478eed2a56977be3cb5db14ef92af0d5ef05a3e163e70aa5fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11770
x-xss-protection
0
8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
pagead2.googlesyndication.com/bg/ Frame EBA1 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 06:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
431738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:12:35 GMT
5541-senate-republicans-cite-sound-of-freedom-to-demand-hearings-on-human-trafficking-bidens-border-policies.jpg
all-news.co/wp-content/uploads/2023/07/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5541-senate-republicans-cite-sound-of-freedom-to-demand-hearings-on-human-trafficking-bidens-border-policies.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
b8d24ad1017e43c7e87605d98c60b87fafdba17d3f1e46e223a05ed2f864bf85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sun, 30 Jul 2023 02:47:17 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"109ed-601ab55070355"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
68077
5543-bear-caught-in-california-homeowners-pool-trying-to-beat-the-heat-i-dont-blame-him.jpg
all-news.co/wp-content/uploads/2023/07/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5543-bear-caught-in-california-homeowners-pool-trying-to-beat-the-heat-i-dont-blame-him.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
3d95d1205677aab3167f6c9d931c405540d5a8c407919e49f4edbe885dc09f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sun, 30 Jul 2023 02:47:18 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"c3bf-601ab550bcde2"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
50111
5539-lets-go-golfing-72-hours-in-miami-with-dj-khaled.jpg
all-news.co/wp-content/uploads/2023/07/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5539-lets-go-golfing-72-hours-in-miami-with-dj-khaled.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
cf36c562e7ee9d2bedf58672ce7981065b9befb83fd67bb9febc71bf48effc81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sat, 29 Jul 2023 16:47:22 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"1fab7-601a2f3913b26"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
129719
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_fy2021.js?bust=31076963
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 06:08:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88F6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
269624
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Aug 2023 03:14:30 GMT
expires
Fri, 09 Aug 2024 03:14:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 85C9 		831 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d22cdb6a862bc45950930a0096a5932f298de559496dfc23fb8b3bccb77790b7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BgeEMeCUpcmChjdV0wXLqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://all-news.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
532
content-security-policy
script-src 'report-sample' 'nonce-BgeEMeCUpcmChjdV0wXLqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:14 GMT
expires
Sun, 13 Aug 2023 06:08:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
pagead2.googlesyndication.com/bg/ Frame 88F6 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 06:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
431739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:12:35 GMT
5531-final-fantasy-xiv-dawntrail-chills-out-with-vacation-vibes.png
all-news.co/wp-content/uploads/2023/07/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5531-final-fantasy-xiv-dawntrail-chills-out-with-vacation-vibes.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
71b7a3f25b97bc4faca0e54f11a356789f2d07d3ebb71974d0978edf916c04d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sat, 29 Jul 2023 12:47:24 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"205a7-6019f995e55dc"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
132519
5545-jerry-jones-cowboys-wont-cave-to-zack-martin-holdout.jpg
all-news.co/wp-content/uploads/2023/07/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5545-jerry-jones-cowboys-wont-cave-to-zack-martin-holdout.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
ad679a3f41ad8cdd3199b9b5de81b3dcfdf776259b9d182d1ef4436dedabb652

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sun, 30 Jul 2023 04:47:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"9f8-601ad02464a72"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2552
sodar
pagead2.googlesyndication.com/pagead/ Frame 85C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=2471841082924447&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 88F6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?y-pPqQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 6B56 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 6B56 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
22495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:19 GMT
l
www.google.com/ads/measurement/ Frame 6B56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSjhiA4jbGXW9sEalD2OJ6vhiyo3YBsOCGlac0wckA4wuKtJlsXuSKmJkK35yhgIbbz4kcyZDfCAWmWfdBmwNDHEkBDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6B56 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:08:14 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame B53A 		52 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
78a89e5302fbeb06a296a24dba19b0bea7d1f6271bfd59d461cc27f7a7cd144d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:08:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=f3wEVo3XDLPgGuSrntfXia8dSwk2w12bwOX2QWGmOdfWFBsn4KLzyuT4dZbVHHgR_hXIxQE5ORTQQSjbn0PYPcpwT8alYs5_5bvLQJUhMvadTl-XB4wIDD6zVBiu2TktHS8nG0UplBft8bZGunkVwMOl1cl1rB6T9sUQIzD-jkqLW_-6IyLgejpNKrz8Xxt6YjedupvXbbltIx4kucNvc3SLqCudazesh1dxOxGC8o0SXtz7Fh5i7jZjEbkhZhTGzqcr0g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2555143
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C629 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
16825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 01:27:49 GMT
etag
48472445140208031
expires
Mon, 14 Aug 2023 01:27:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E824 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGgUTIqACwZseBr14DQ_Kg6NtLGxRxG4G2lN8gl-yRLyuG_dXINYLjzF4vaRU7O61T0XA-wKpd3-BmN7GzHQLZ5Timsd3s6uYWQY9CEtG5BIc3e1Wmn3b2pcNLDDk9ymLzfqVuTDH6hQ&sai=AMfl-YQswb2xpkwAuL-xQ2__VtJ8uVjltVbchF0zHwdV2MC3U4j4fChxPe_9Sy95DpaA52tN8F5Q-xjLg5gR&sig=Cg0ArKJSzPpQKu_Rsy90EAE&cid=CAQSGwBpAlJWkGOe6OfF9yTbIuffsmVvrTUwfAoLuxgB&id=lidar2&mcvt=1010&p=0,0,124,1005&mtos=228,931,1010,1010,1010&tos=228,703,79,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691906892745&rpt=539&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6B56 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b31f233f657f01903fed3dd07344328170a07eb8281358c0bb1bac4380612c6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
5541-senate-republicans-cite-sound-of-freedom-to-demand-hearings-on-human-trafficking-bidens-border-policies.jpg
all-news.co/wp-content/uploads/2023/07/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5541-senate-republicans-cite-sound-of-freedom-to-demand-hearings-on-human-trafficking-bidens-border-policies.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
b8d24ad1017e43c7e87605d98c60b87fafdba17d3f1e46e223a05ed2f864bf85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sun, 30 Jul 2023 02:47:17 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"109ed-601ab55070355"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
68077
adview
googleads.g.doubleclick.net/pagead/ Frame 6B56 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cc830TXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE4wFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbE8uhhKVRJG0cvDqIhp1zlLHiVhI8lxRqCF5E9IdBwzyECHCRCIAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=AQLS6lwFEkM&uach_m=[UACH]&cid=CAQSOwBpAlJWec5e_7B7ZmCfxpsw1OnztLpFUCX2UFPE-nhawRWFUMoWWedw2UjVNWV4KAt7HOKPLHsyqyGZGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 13 Aug 2023 06:08:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 6B56 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kM7XF9WCMKwC-gHiIp0XAgAAAGO545cX6V2qEE1z2GTyOqLT5SQ4daK8AAASAAAKCkFRVUJDZ0VCQ2c&wp=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
193012
server
Kestrel
content-length
0
5543-bear-caught-in-california-homeowners-pool-trying-to-beat-the-heat-i-dont-blame-him.jpg
all-news.co/wp-content/uploads/2023/07/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5543-bear-caught-in-california-homeowners-pool-trying-to-beat-the-heat-i-dont-blame-him.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
3d95d1205677aab3167f6c9d931c405540d5a8c407919e49f4edbe885dc09f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sun, 30 Jul 2023 02:47:18 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"c3bf-601ab550bcde2"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
50111
privacy_small.svg
static.criteo.net/flash/icon/ Frame B53A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 06:08:14 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame B53A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 06:08:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B53A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 07 Aug 2024 06:08:14 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B53A 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 07 Aug 2024 06:08:14 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame B53A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=tVk7hodSrper9GL2zbjRQyefnOEsfKf2lXqBXKL1oG5tTaN1jEBJ2q505ul8kE12jcsVclGcBEV1Vakgfp9K9oRqeBPPssirZzI1GYeG-azmUccRETD-aBm_W3WZMfrRfakIF6Xxi9jprW3z1el2H0Sjk2FDetz1lap91BuoDTzcwsGRG1Eg1XCOj_NZtwZNLvq0IMn0rlN4TYFUAMtIGKLlHyLkksLr8qMSzE_YR_Y0mg2A0lXTW3cRcr92_ew_s0sl4tlZ06oNqAYJri3WfLZWJVkGxkenasqV2EaOjYGaNjy9x7B3S-leWQNhEvqNN0cP7BajGnjr8pP02UpMY6fIRAdP6Q2oLu2spYIhpAdiyUSEkUb40kZPeLkWvBMLYpgCtQ3J-4rjtSBq2jkiOfAHEHkwFupyFG1PmJkf9amgs8I19nI2xBD3srvPMPq3kqJfkveTynivuzcO4X4d4psj0Iw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2975236
expires
Mon, 26 Jul 1997 05:00:00 GMT
4c2d4bae7dfc47d1a7eaea348edb23d7_image_ad_300x250.jpeg
static.criteo.net/design/dt/106573/4855026/ Frame B53A 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/106573/4855026/4c2d4bae7dfc47d1a7eaea348edb23d7_image_ad_300x250.jpeg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
eaa152a6fdabbec0da86fc2992650fea38dae839f4cb48cf174b070f71e875d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Jul 2023 19:50:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64b98ff6-15cb6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
89270
expires
Wed, 07 Aug 2024 06:08:14 GMT
all
csm.us.criteo.net/ Frame B53A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=f3wEVo3XDLPgGuSrntfXia8dSwk2w12bwOX2QWGmOdfWFBsn4KLzyuT4dZbVHHgR_hXIxQE5ORTQQSjbn0PYPcpwT8alYs5_5bvLQJUhMvadTl-XB4wIDD6zVBiu2TktHS8nG0UplBft8bZGunkVwMOl1cl1rB6T9sUQIzD-jkqLW_-6IyLgejpNKrz8Xxt6YjedupvXbbltIx4kucNvc3SLqCudazesh1dxOxGC8o0SXtz7Fh5i7jZjEbkhZhTGzqcr0g&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 13 Aug 2023 06:08:13 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B53A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 06:08:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B53A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTQAOXBIE0aJ8AALb-leBLKzImIMfhHS_wg&u=%7C1%2FoF2lTkEu8cFJQaFhXzNKAs%2BLTyZK7vho6CETb6UWU%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AzGjaME1iCTJbBei598O3aRDgIbbWVMsTfU7qf307gBAWSa5oiMs34N88tXKXvk4SF9L66pMgDBeR_Uq2eTvihxF61MipI96nwSlSyWC-eeKpKXXcxOE3e7ZDIkmzEzI0blOlmmEKSs0NKKT0UpcNV-VXBx9KFCUIZeCtNthZBAU28cWiF9f1aCfTbPr4zin2gOykpqqURDGN9xh0fygDH1gnSkazbtOhcmZphHKCnrKLh5rmvKcOaZ3IbbuYVrmGlrjElFDzZup_QPkyF2fd1IIIwX6bLc589j6lz4FJ_E-es19ayVdoSr9JSXovZNsiTjCWiOXc69ByEM5MLn-9I8S-Mw_8k_WihD3kb_hw-mosRUU9LwRf_rspcCtu_bncLzoJY7CU0U8JTG64Rh_c0LfauY7UggQ8_EThCzoHs9Cs_Kwh1IlrJVwo49GwukIEon_W7ry3H2i9W8w71wzD16DBzIOCmvh-Ia0S14Sa2QeevMTCm9xaPkW52oJ9g_BiFnPfASxDrvvaMGlRMpXVxwEYD-HoIrTBfsagGH_505CZ_QdWgyCg12YBV-qFRZO54v5BGX2MDVdWACRx4J6akr1HCVk2XMOA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYenTXPYZJK4OfzExtYP-reLiAqcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoE5gFP0JCkaw2cgN2WtU6b8PmZStWUeQmmywJxRAmm7prHXw4pBHJXS-Bb5wDI1qwy92qr9J9K1TjqxXHyPWpRW4qnW8MQfFzQXvQoCTmAQpXtIM2SdSbGenAN1pqp6UdHi7B6r1Au623aQPQVpuGtGvwgqkFz4uKIU3KxF7hr6d1aIvetJQFhGrMdhMdqkIgoorDjYM-wDwTHoMQ-uf5vZhGX98GM0ouaXxrvoOBNZtAAS_j0CfF1iMrhdbhvncNbUcmBFg6jrW3fNVcEbef6VwbefhsSj9Dx-yTNPTlf7yQt3uGRy7uy9oAG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XWm-hy6gAC-mPsybW1MOLkTEJLA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Aug 2024 06:08:14 GMT
pixel
cm.g.doubleclick.net/ Frame C629
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEORLBUUFi734MrUBWHK4miw&google_cver=1&google_push=AXcoOmRHAPwnslgh9Jz8O5nuNT6VPidZ-7AlTUSV7rKfq0qXyeyoVOsfxL_gX4kihyE4vifkZ9etpm58W-IWvvADXtrigucTpcs-SA
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRHAPwnslgh9Jz8O5nuNT6VPidZ-7AlTUSV7rKfq0qXyeyoVOsfxL_gX4kihyE4vifkZ9etpm58W-IWvvADXtrigucTpcs-SA&google_hm=UjMzNjQ1XzEwNz...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRHAPwnslgh9Jz8O5nuNT6VPidZ-7AlTUSV7rKfq0qXyeyoVOsfxL_gX4kihyE4vifkZ9etpm58W-IWvvADXtrigucTpcs-SA&google_hm=UjMzNjQ1XzEwNzU0QzY2QV8xMTdGMEIzMEU%3D
Protocol
H2
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmRHAPwnslgh9Jz8O5nuNT6VPidZ-7AlTUSV7rKfq0qXyeyoVOsfxL_gX4kihyE4vifkZ9etpm58W-IWvvADXtrigucTpcs-SA&google_hm=UjMzNjQ1XzEwNzU0QzY2QV8xMTdGMEIzMEU%3D
Date
Sun, 13 Aug 2023 06:08:13 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-374911673; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
346
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame C629
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJugBqVG71BbCgbjaaiqiEU&google_cver=1&google_push=AXcoOmSbhSA8MZMdwQSTXOhJmhvNyWhGn_HbzGodU44b3GTHyAxNiJ90UuemOnYXjq9h8yrkWJvb_tPPnJzye2CxeL...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJugBqVG71BbCgbjaaiqiEU&google_cver=1&google_push=AXcoOmSbhSA8MZMdwQSTXOhJmhvNyWhGn_HbzGodU44b3GTHyAxNiJ90UuemOnYXjq9h8yrkWJvb_tPPnJzye2CxeL...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDM5MDZmNjYtMjE3Zi00NWU0LTljM2ItZTYzNGM4ZWI0NGUz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=03906f66-217f-45e4-9c3b-e634c8eb44e3
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDM5MDZmNjYtMjE3Zi00NWU0LTljM2ItZTYzNGM4ZWI0NGUz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=03906f66-217f-45e4-9c3b-e634c8eb44e3
Protocol
H2
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDM5MDZmNjYtMjE3Zi00NWU0LTljM2ItZTYzNGM4ZWI0NGUz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=03906f66-217f-45e4-9c3b-e634c8eb44e3
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame C629 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEM5mvkPpgHuDyrtMU17vqPA&google_cver=1&google_push=AXcoOmRYZXXzmKdqbMrxZO8HFs7epBjqUDbAQUP7LFep0SZeCR8nIEJLEyp6Im0rLGjjwAgEU_F-rnCKRsSh3WSQAVcYrITKS2oaWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
asr
aid.send.microad.jp/g/ Frame C629 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEDPI5wmKCRAsGgRk83KOEtM&google_cver=1&google_push=AXcoOmQrzDa-WFUgr-ewxBrxDYLs6_a5GD45MqGR97qvSHkLNudmmXuytuJzE2DsxthK8-9FurfERdSBDanEaU9jTh_NjbqSsEI5Rw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame C629
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECziQMFddgPYYOKTRqtdzt8&google_cver=1&google_push=AXcoOmQ8TfjWQiqLvoTs5O4z1jB1Re11JLV17xPSlgn5-hUpwXIqx349qEBuw41-kHvyozRG8C8LomdkNCza5K1Rek...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI0NzM2MzY0NzM1NDM4OTkyOTE&google_push=AXcoOmQ8TfjWQiqLvoTs5O4z1jB1Re11JLV17xPSlgn5-hUpwXIqx349qEBuw41-kHvyozRG8C8LomdkNCza5K1Rek_n...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI0NzM2MzY0NzM1NDM4OTkyOTE&google_push=AXcoOmQ8TfjWQiqLvoTs5O4z1jB1Re11JLV17xPSlgn5-hUpwXIqx349qEBuw41-kHvyozRG8C8LomdkNCza5K1Rek_nN2dNtA-O-g
Protocol
H2
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI0NzM2MzY0NzM1NDM4OTkyOTE&google_push=AXcoOmQ8TfjWQiqLvoTs5O4z1jB1Re11JLV17xPSlgn5-hUpwXIqx349qEBuw41-kHvyozRG8C8LomdkNCza5K1Rek_nN2dNtA-O-g
Date
Sun, 13 Aug 2023 06:08:14 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C629
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEF5Ixa_QVLR1cFnM7WR7lFY&google_cver=1&google_push=AXcoOmTHTg3GTWaUkQQH8_QHglZRuerbxNt6di1CAp7dF2MVa7Rf8oNKRD__7GewCb...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTHTg3GTWaUkQQH8_QHglZRuerbxNt6di1CAp7dF2MVa7Rf8oNKRD__7GewCbND6O1qdTSGy-gavBOuGJ2ohcnPEdky-9ic098&google_hm=...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTHTg3GTWaUkQQH8_QHglZRuerbxNt6di1CAp7dF2MVa7Rf8oNKRD__7GewCbND6O1qdTSGy-gavBOuGJ2ohcnPEdky-9ic098&google_hm=3UCS6dFmQoOwZqTqQH2s0yw
Protocol
H2
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:13 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTHTg3GTWaUkQQH8_QHglZRuerbxNt6di1CAp7dF2MVa7Rf8oNKRD__7GewCbND6O1qdTSGy-gavBOuGJ2ohcnPEdky-9ic098&google_hm=3UCS6dFmQoOwZqTqQH2s0yw
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame C629
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFFCcU9pmoO9...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YjM2OTNiN2ItODViMS00M2M4LThkNzQtMzMwNWQyNWZiMDFj&google_push=AXcoOmSIW5C7uE5Gh_V6unbHXEktEicECAq2BVEGrSNsKUY1nnidNYpva8KFqxZxc9s-E...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-69-164.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Sun, 13 Aug 2023 06:08:14 GMT
pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C629 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNjtCR2zJSk_25UmfIBDfO1PfefFRltClRBTDwH48s4_Wxm92D0EpFPaGJAFpFGJK4CNCoAVs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1691942893&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691906893888&bpp=1&bdt=3331&idt=1&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db27ee4dc1f1556-22977da89ae30052%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q&gpic=UID%3D00000d8ac555c9b8%3AT%3D1691906892%3ART%3D1691906892%3AS%3DALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A&prev_fmts=0x0%2C1068x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=5&correlator=6044218633756&frm=20&pv=1&ga_vid=2075883262.1691906892&ga_sid=1691906892&ga_hid=895222836&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076088%2C31076924%2C31076963%2C44789816&oid=2&psts=AOrYGsnXoK0iPdj07mRaKpsONDsy4fkl_WvSlvpfUYhkD0PzFCOJ1d2ck3uL57vRqAQU2U5bzp0muFr1CDLtVXPAiOL-NNby%2CAOrYGsnZ2q1h4bJ6R0WV6dvYs48hCBsa2G8pm2zu0yIjeTGwofP5Z1CzQIJ1F41liRnLXEVbMpRAnRRR_nYmaiTyZX7a9SJOnYSkFjhKi_2NHCOgnt4-rQ%2CAOrYGsm2w5vyLmTZFJ6az8MixQxH1njcZABnmZFdEM7eqTh38FwElPOJUAH96mynIBIW_HSPXC2egJfxduem790Ie97krCCRWNqG3hLSlaWICAqXA-5kYA&pvsid=2471841082924447&tmod=1489047757&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=5&fsb=1&xpc=XZCrHfNgwF&p=https%3A//all-news.co&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:08:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
5539-lets-go-golfing-72-hours-in-miami-with-dj-khaled.jpg
all-news.co/wp-content/uploads/2023/07/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5539-lets-go-golfing-72-hours-in-miami-with-dj-khaled.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
cf36c562e7ee9d2bedf58672ce7981065b9befb83fd67bb9febc71bf48effc81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sat, 29 Jul 2023 16:47:22 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"1fab7-601a2f3913b26"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
129719
5531-final-fantasy-xiv-dawntrail-chills-out-with-vacation-vibes.png
all-news.co/wp-content/uploads/2023/07/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://all-news.co/wp-content/uploads/2023/07/5531-final-fantasy-xiv-dawntrail-chills-out-with-vacation-vibes.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi481268.contaboserver.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash
71b7a3f25b97bc4faca0e54f11a356789f2d07d3ebb71974d0978edf916c04d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 06:08:14 GMT
Last-Modified
Sat, 29 Jul 2023 12:47:24 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag
"205a7-6019f995e55dc"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
132519
activeview
pagead2.googlesyndication.com/pcs/ Frame B0F0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvd77tRl47_u7urZ6cWKXaIb3GMKvcm4ekSz1FmJHO3Q2tbfChR0gTF5L7ahxd7J56_j3kJY6DfYeGU3E7QxT4XNxuw0CBCUFRlmQxD0yQNlkeooZTeexUFq_TaA0SFkBkwxhhZAjpUCQ&sai=AMfl-YQSeH9--BffCMaWBtSqLeZmi3xfCLEOhcIFl7RMybYtqU6hQFIJNNTWLjr9nEBMCrSqbm7cPd3bJEFP&sig=Cg0ArKJSzHrT0ZzimFnSEAE&cid=CAQSGwBpAlJWkGOe6OfF9yTbIuffsmVvrTUwfAoLuxgB&id=lidar2&mcvt=1022&p=0,0,600,160&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691906892741&rpt=291&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=2471841082924447&bg=!xsWlxZHNAAaiGN5Pghg7ADkAdvg8WkOcMQO_ryg-vM0wsLSrrka4aace5olUgMskV_cBhg3hFbq4GL0PtV_X6SgxlBWntEfOP3gCAAAAVFIAAAAbaAEHmQLVCqTLVv9FP6gecWiD6SKFnBWO5zbZyjLa_RH-kMSfwmvWPAZib8C3PZ4CxP3FG8vTymVyzoUPJaYJBKxdHzYCXaiRSWZO8rPAMcyfuO0nLQ0iP8dTlFodEo0AmD38V_bQqgm2bpVqnBf5k9YnzVOo71SwUsKPVWNP-u9XJYjt1gsv72wWyrRC7Tq2nrC3h2dTgUdegdW2O4f-fDD4V-nMrrS1RZpRccon4N_M4S3jmZMQf4JY4d7gi9J8qL_17Nw2MLYKnRdGvTf-QSKW9hmLJQ7P39TbMMCUMHtUPc9uDCOIAmpmWxw4rlxII-U8mt1l5IBV8QP-9GBQQwMTt076ZPcCRhOyPn0Tvh9cF_zfy4Fibjcnw0z6M8bAXxLq_INghyf2_H70l1Y4jLAZ9qYLnP2iYbhKEAvmpJzjzQtX8GcvAIzGlGqvH8FUcjwd2B3pmv4AoV8CIjaalzZkD7qXnitRSNqg0AZGnaSixQvhJORMDWZHekquuJo_9XphU7GtgYkb-Elnx9wxX0cdPydDBYbTsI9uj5bXhy3-sJ1AGMCilXOZZj2KrwkSjnR7sTHvsVvvngj0_rnMwpqx9q6MF0A_e65t6TmCNjTQ1vvMuzMboAUj-qVJ0bevzYhMz-lv-QjatKEukJYFhUtbl6EyEZpk52aN2okVlvcEQeYsZ2rQ38pbK4dty-iwuNhTuT_JTMNODBIg1NB2k5FBe5C29Cyax9f4hfiG4QP1x8tVFTxNp-HIZcYauU4oXoaHYFH0cteil1wwvXcd91hpBYZLHqTO_ZlaEi_k1AN_mcrevB0Yv-sDukeaVi84pIHw0M4xUwomJWdbPO4rHHeE6OpLmksHLKHH-DAFnKevbR2SC6dId5Smv8a4tv4xHbVkDH2okpu3tE9QJZ_KXINjcfHrkvcPCMV66Crdgbt2bPCBYt7T388m0X7n3rG3D_bzixceBHrT4CQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 846C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUwEoYVMvGzOV1LxiK-MmS25ZujcY5FJFPjopEU0BrcpeLUUEMF8n6_jTQcha7rTb_Jc4lSnivYhAoQZ9opKQGKKlEuIgSCC44Ugc&sig=Cg0ArKJSzHlxFIhKn_f8EAE&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691906892889&rpt=235&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame 677E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=5erj_Y3XDLPgGuSr3_oKexKqBXGZ2r48TQfma9u2Z6IBmLUGcpTPT62tcwwPTNaDuIQtkwsDZELkOncCi0P2vQh3aftiQhayj3k4MoAWhphIwyVXJyCuiZ5G7ku_KXY0c5QWYodQpGgOuo_dTQx_F5Cf6iMmT6LQFDuuBSmBhN5vHE2xdXArLm-o7iN25U5VhyJedbH_aQO8vnN2h87nSU7AqI-SQXRdE_fVs-hfJBcm6ifSIdDUZPH8kuP6fmcxTz7D7dTgSzyLqX4V&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNhzTAACRnIE0aKFAAbyeK6tOWuRxusIy-yJdg&u=%7Cxsi3FnDsENGCfUPReRg9XHPZ%2BUlR7scDtN7NDCsKjTM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziulh3_ePIJ91d1XFUjZEnWckhloIQ380_avkecAn2H3HbXohpn0w_khSpWBQ4dpG1R4k_Dd_h7tasE-Gg2utFXUjyz0m2nn7b1hK1ZhGvFDvfpFe8U5eRTM9Pgo8aGRPok3Ic6phVForEEC3hoxZwbJaMZTcIz2pLpLN6AEfpO8sgRytVmo1IWcgYzxW7WnFs3pxa4RT2ulOvLdvHe6ICIgwi5f7WCM3UZiAuBWqt2866JZbExuq8qm3HHNnGWTOT76M5GvdQ_b8b5tPbnN88A8uXtqneYoGFhAkibBoHNlIXFL5tlJ29H1eebPQylv1QEUyNvDy3bIUJAzKAeCQDkej5fV1Hj8tfcW5tR4b-P9eLk5SZaLUm68pI2A44c0RMdLVHpAw4ROiqj1clCWfbpM5Yyc8-xoxrQtoH87fIuoBYG8VxxduY2UtXBKxw5jdyCC1MnOGFYj0lDpz6OxHvHcdDwdjyd8xHHEzSMNSSP7QMgrHl2AEzWfib1W7NyaTO5Z57ejKBG-HQQYHEZ5-4lgCRRuBpCQycj01-c3vzMo8_UbYLVFOq4Vscs3Ni4k9odkTw78fyS2yvGqvuXT9DH-0fEsLMJ4YPCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJlSCTHPYZPKMCYXFxtYP-OSb-AOcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OcgBCagDAcgDAqoEvAFP0C2opfLnCUjr6I8rPLleOzq4i5UAlAuJezrKdmi3pHitjBc0zn9jHdVwJ0DIDYddbom8M1GN7Nfz1jQ2zUbKeJA8EJsu8SvEeTTsIE7lBS4bi1nlmsFgKUDciWEC85Qv7eFDLo_t6ojoqsp7YTK0fjBq8a7laF1aCmXdfxnrQrBfS8LLEvh6YBY5Yt8v5yEu_8AylBc_l4w9vJYlMfLQkYP15jpZ0L5vALKHtbWYOYojB93IzdlTxTQHk4AG1diLz6WY8uZLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ywMXwovt2WRsC4qFqoVoUeUaOJA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 13 Aug 2023 06:08:14 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
csi
csi.gstatic.com/ Frame DCAD 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll91ohtc&c=8440166364753&slotId=4220083182376.5&qqid=CPDisqr82IADFYWi0QQdePIGPw&umsem=0&ple=1&ape=1&met.4=vil.ll91oiet~vfl.ll91oii0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2f535b9406961ba311420c610f64e4c9.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:823::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 06:08:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| _wpemojiSettings undefined| $ function| jQuery object| tdb_globals object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tds_general_modal_image string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_ad_background_click_link string| td_ad_background_click_target object| twemoji object| wp function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| nativeAdLayoutComputer object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson function| amzn_assoc_jsonp_callback_adunit_0 function| amzn_assoc_client_cb_0 object| block_tdi_62 object| block_tdi_68 object| block_tdi_69 object| block_tdi_70 object| block_tdi_71 object| block_tdi_76 object| block_tdi_77 object| block_tdi_82 number| td_screen_width object| block_tdi_86 object| adsbygoogle object| block_tdi_96 object| block_tdi_99 object| block_tdi_102 object| block_tdi_113 object| block_tdi_116 object| block_tdi_128 object| block_tdi_131 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| _ string| google_user_agent_client_hint object| tdbAutoload object| $jscomp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdPopupModal object| tdReadingProgressBar object| tdTabbedContent object| tdConfirm function| Hammer function| $f function| onYouTubeIframeAPIReady object| addComment undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdbLocationFinder object| tdbLocationDisplay object| tdbFormTaxonomies object| tdbFormFileUpload object| tdbPostsList object| tdbModal object| tdbFilters object| tdbFiltersLoop object| tdbFiltersList object| tdbFiltersDropdown object| tdbReviewsList object| tdbCustomForms object| tdbTOC object| tdcPostSettings function| tdbGetMobileTemplates function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| amznAssocFallbackMode_0 object| amznAssocEstimatedPerformance_0 object| callbacks object| amznassoccsm function| trackingUtils function| nativeAdLoader function| nativeAd boolean| dealFallbackDisabled object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

17 Cookies

Domain/Path Name / Value
all-news.co/ Name: PHPSSIDDD2
Value: RH3PztBghemQuQI
.amazon-adsystem.com/ Name: ad-id
Value: A9jVSW5_xU-CqcRxHVoT3Ok
.all-news.co/ Name: __gads
Value: ID=0db27ee4dc1f1556-22977da89ae30052:T=1691906892:RT=1691906892:S=ALNI_Ma6xgofSRoFQIeFBUUtEvIUKkBl2Q
.all-news.co/ Name: __gpi
Value: UID=00000d8ac555c9b8:T=1691906892:RT=1691906892:S=ALNI_MbQfw-UW6i8CVRfZwMFsP73HMjm9A
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUn-FCwz_lQW2RSbVkfSNHRVmtF0KawttHzF2pHyerctCrsqqIykloysANySjl0
.googleadservices.com/ Name: ar_debug
Value: 1
.blismedia.com/ Name: b
Value: 64D8734E32DA4F058B0751D4BLIS
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A2473636473543899291
.mxptint.net/ Name: mxpim
Value: R33645_10754C66A_117F0B30E.1.64D8734E
.ctnsnet.com/ Name: cid_dd4092e9d1664283b066a4ea407dacd3
Value: 1
.ctnsnet.com/ Name: gid_CAESEF5Ixa_QVLR1cFnM7WR7lFY
Value: 1
.teads.tv/ Name: tt_viewer
Value: b3693b7b-85b1-43c8-8d74-3305d25fb01c
.adsrvr.org/ Name: TDID
Value: 03906f66-217f-45e4-9c3b-e634c8eb44e3
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI6LCL6LbzjTwQBRgFIAEoAjILCKDq0pTN8408EAU4AQ..
.send.microad.jp/ Name: TR
Value: 1eb93007663d1ceb61cda53c2c6528e884a2fb8401f93148

2 Console Messages

Source Level URL
Text
other warning
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-8439024877331049&fa=1&ifi=12&uci=a!c&btvi=4&xpc=TbQFL2q2nU&p=https%3A//all-news.co
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
ads.us.criteo.com
aep.mxptint.net
aid.send.microad.jp
all-news.co
cat.va.us.criteo.com
cm.g.doubleclick.net
csi.gstatic.com
csm.us.criteo.net
dsp.adkernel.com
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ius.ctnsnet.com
m.media-amazon.com
match.adsrvr.org
p4-dvsini3p6t2y6-ehw5oit5d3d7mvlj-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
r3---sn-ab5sznzy.gvt1.com
redirector.gvt1.com
rtb.va.us.criteo.com
s3.us-east-2.amazonaws.com
static.criteo.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
wms-na.amazon-adsystem.com
ws-na.amazon-adsystem.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
z-na.amazon-adsystem.com
162.55.49.247
172.217.13.162
172.217.13.98
172.217.13.99
174.137.133.49
18.238.32.125
202.233.84.1
2607:f8b0:4006:15::8
2607:f8b0:4020:804::2003
2607:f8b0:4020:805::2001
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::2004
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::200e
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::200a
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2a00:1450:4009:823::2003
2a04:4e42::272
3.160.20.174
34.96.105.8
35.186.193.173
35.71.131.137
38.98.69.175
5.189.131.58
52.219.178.105
52.46.135.132
52.46.154.240
52.94.233.131
72.247.69.164
74.119.119.147
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096fe96236767e41c9ad309188238cc85515e110df6422bf9fe6e732e095ee55
0976a1920eb81b84506c17248954d1d40dac02ea043be8895437387cd68619e2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
22ef10cbeac521537e04ebc266964ee3aed5065736f706704eb58ef351f4f26f
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b5c078458fbd01db6017cad01bee6ebafe6fef8f607793f6c829394a03679e8
3d95d1205677aab3167f6c9d931c405540d5a8c407919e49f4edbe885dc09f35
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
4bf51418238b06596aa349cfa22360c9ecedf7016216837ee254b0b514b228f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2d542fd70430f7f15c1d0f72c94e3e3d36adc39f0a1f01e5bbfa3b2b0558eb
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562138050aceed3b196b34b7e2fd1ba81861345bfaa2dca7ddd7845ffd4e80cf
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf
5b31f233f657f01903fed3dd07344328170a07eb8281358c0bb1bac4380612c6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
678637684694d070848482535535207959a6703ab0c5365ec1b3b2169af3cf31
6d6b107f1023bcba6991a3e009b5697cef08981a1bfe46670dc04f73c45a746b
71b7a3f25b97bc4faca0e54f11a356789f2d07d3ebb71974d0978edf916c04d7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
78a89e5302fbeb06a296a24dba19b0bea7d1f6271bfd59d461cc27f7a7cd144d
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8c2515bcb3c72f052e85ed1c062a96cccca46160e46d604ae501354ff299610d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9285aa656e47f5a5e92265a10f7fa7901542e59983ec35c624fc3cccbc8cd4df
960e1d9cf9716b3fcece185763e27b7a65e4b1a0c5727945c5a49010aa47efa1
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
988e33eacbaca6e410c03a4c889b385d7f6e09786ca5d6716c5c848523cb8a31
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a3e6f8956b7be4639f932a34d3a2fbc17647bd843b62f4c3887d91f6abbaf769
a48f582be40138d5727e6b2205212c13a6abddd1f0b19c71d2fc78781fbe519f
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a75828037b9ada903c17d2d785ec22b5d181cdd1b54aca8f9a4e0aed8665fca6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad679a3f41ad8cdd3199b9b5de81b3dcfdf776259b9d182d1ef4436dedabb652
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c702c7c66af478eed2a56977be3cb5db14ef92af0d5ef05a3e163e70aa5fcc
b611ba3d781e372a10896ce069551c8681fca38e978daf8a8af06ef12698bc2d
b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28
b8d24ad1017e43c7e87605d98c60b87fafdba17d3f1e46e223a05ed2f864bf85
bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5
c1714a3c53be09a82d9f8618b763498eed6a43e0810d31c15cc9855fb338be49
c274f78a1b548eea327ab519a769bf06a822cfb0dd3c5bf0a590003e771fad07
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287
cb54976f5284b43f089719e5dbb5e79cdeea41b723c4c2ae02c5782421fe40e0
cbf51469666c1fc5b4fb1033fcdde2c994c8398b4d0e4540cb91855f7f996fdd
cd00f5966dd205e8868c2d30e3f56450d577ffa438df1591ea83b11f19a18617
cf36c562e7ee9d2bedf58672ce7981065b9befb83fd67bb9febc71bf48effc81
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d22cdb6a862bc45950930a0096a5932f298de559496dfc23fb8b3bccb77790b7
d3096d7f3afd74d0a3b24e6103862e36575aa624fabf757c497a10ecf573c389
d365d2a074425cc1b0e89e9504c18e39fcda62c79e39bcc0fe2c2caf81ee44b1
da9e74b257da3d05a8934693a93e8680e04211a4670542ef057131401da8b03e
dca47add5ff568fafdc259428258ba7400cf1443b713f75ff25f0a73439fdfc2
dca6f5f1ade8662963a0f42e7bb490b1118749773139a2b8ada1d01451454b7f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de6d4227d7c2186856dc98c33eb45cf3b0e6cf946c5711f139b21e14cdf30479
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193
eaa152a6fdabbec0da86fc2992650fea38dae839f4cb48cf174b070f71e875d1
eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c24d681529bb22ddbfa56a5a52dee1ab4f499365589f4d9fef1d04b9b22fba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd06b0de1a9d419768e7466f02c052e3c9d244a59059dfa1dd3c4901ed3d5ee0